Author: Tom Marazita Date: To: exim-users Subject: Re: [Exim] Wish list (I think) regarding sender verify callout.
Philip Hazel wrote: > On Tue, 1 Oct 2002, Nico Erfurth wrote:
>
>
>>So you want to accept mails from hosts that would not accept your bounces?
>
>
> Exactly.
>
> The whole point of callout is to check that the host will accept a
> bounce from you before you accept the message. If you aren't going to
> enforce that, there's no point in doing the callout at all.
>
I agree; however, it seems the bounce can fail for two (maybe more) reasons:
1) The RCPT TO: can fail, in which case I'm happy to reject
the message since it means the sender was invalid. I see a large
number of these situations in the log files, and they are sender addresses
that have usually been forged and for which I do not want to accept the mail.
2) The MAIL FROM:<> can itself fail, which indicates the host at the
other end has a poorly configured mailer; or at least
that's what it seems to have indicated with the hosts I've
come up against recently. The sender might still
actually be valid though, and in that case I might still want
to accept the message even if I can't verify it due to their not
accepting the bounce.
I've come up against about half dozen of these in the past
six months; in all cases the sender would have been a valid
address but we rejected the message. Naturally I have contacted
their postmasters, but with very little response.
My only other options are to disable sender/callout (but it has been
so useful otherwise...) or keep a manual list of domain exceptions (which
I have to deal with only once the problem has been identified).
