Author: Alan J. Flavell Date: To: Dave C. CC: Exim users list Subject: Re: [Exim] Wish list (I think) regarding sender verify callout.
On Thu, 3 Oct 2002, Dave C. wrote:
> Inseperably tying #2 to #1 effectively prevents the deployment of either
I don't necessarily agree. As I said before, we only do callbacks on
domains which our experience has told us are commonly associated with
counterfeit sender addresses.
In deciding whether to put a domain into that list, one can assess
1. whether the MX for the domain responds correctly to callbacks, and
2. whether there is any prospect of the MX for the domain actually
repudiating invalid addresses in a callback.
Your objection seems to be based on the consequences of doing
callbacks on _all_ domains, without regard to their behaviour. As I
said before - there seems to be no point in wasting effort on callback
to a domain which invariably responds "recipient syntactically ok"
or "ok, will relay" etc. to whatever nonsense RCPT TO one feeds it.
Equally, there's no point in trying callback to a domain which never
responds to SMTP, or one which is known to misbehave in response to
bounces.
You might argue that you can't or won't expend the effort on managing
this list of callback domains. That's fine too. I'm just trying to
say that there are options - it's not as black/white as you make it
out to be.
