Re: [Exim] Reaction to rude 554 greeting

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Exim Users Mailing List
Date:  
À: Giuliano Gavazzi
CC: Exim Users
Sujet: Re: [Exim] Reaction to rude 554 greeting
[ On Monday, March 17, 2003 at 00:37:12 (+0000), Giuliano Gavazzi wrote: ]
> Subject: Re: [Exim] Reaction to rude 554 greeting
>
> At 5:18 +0530 2003/03/17, Suresh Ramasubramanian wrote:
> >On Monday, March 17, 2003 3:09 AM [GMT+0530=IST],
> >Jason Robertson <jason@???> wrote:
> >
> >> Correct me if I am wrong, but if I remember my RFC's correctly doesn't
> >> all 5xx errors refer to a permanent error?
> >>
> >> Personally if I find a host that is blocked trying to connect to all
> >> my mail servers, they get both listed in the firewall rules, and are
> >> null routed.
> >
> >5xx mostly demands that if you retry, do so later, *manually*. What it
> >does say is that the remote domain refuses to accept delivery of the
> >current message.
> >
>
> what current message?


The one the mailer is trying to deliver -- the one with a recipient
address which resulted in making a connection attempt to the host which
is now refusing it.

> [BTW, the connection might have been just a
> sender/callout verify]


That's a whole other barrel of monkeys, and one strictly outside the
existing standards since it's an activity which is not specified in the
existing standards. This active sender verification stuff has to be
treated very VERY carefully because it can cause all kinds of unexpected
screwups! All your example here does is prove just how poorly thought
out this active sender verification idea is in the first place.

> I am sorry, but until the intention of delivering a message has been
> stated, the error cannot mean that the domain refuses to accept *the*
> delivery.


No, actually the error _MUST_ mean that the host is refusing to accept
delivery! That's what the "5" in any 5xx response code means! It's a
permanent failure -- no further retries can be allowed!

> ALSO:
>
>     If MX records are present, but none of them are usable, this situation MUST
>     be reported as an error.

>
> and few lines down:
>
>     To provide reliable
>     mail transmission, the SMTP client MUST be able to try (and retry)
>     each of the relevant addresses in this list in order, until a
>     delivery attempt succeeds.  However, there MAY also be a configurable
>     limit on the number of alternate addresses that can be tried.  In any
>     case, the SMTP client SHOULD try at least two addresses.

>
> so, you report an error when none of them are usable


Yes, exactly, when no MX records are usable then you report an errro.

Note however that any 5xx response during any delivery attempt (with the
possible exception of a 552 response to a second or subsequent RCPT
command) also means that the delivery cannot ever possibly succeed, even
though the MX was in fact "usable" and an error MUST be reported
immediately with no further retries.

(and before you get more confused remember that a given message in the
queue might have multiple recipients, even multiples at the same
destination domain, and all we're doing here is sending an error bounce
message for one sender -- logically you must treat each recipient as if
it represents an entirely separate message in the queue)

> and you should
> at least try two, until you succeed;


No, ABSOLUTELY NOT! You are confusing things and taking phrases out of
context from the complete picture here!

--
                                Greg A. Woods


+1 416 218-0098;            <g.a.woods@???>;           <woods@???>
Planix, Inc. <woods@???>; VE3TCP; Secrets of the Weird <woods@???>