Re: [Exim] sender callout failing

Pàgina inicial
Delete this message
Reply to this message
Autor: David Saez
Data:  
A: Exim Users Mailing List
Assumpte: Re: [Exim] sender callout failing
Hi !!

> [[ BTW, Please honour my reply-to header. If you don't want multiple
> copies then please use your own reply-to header as appropriate. ]]


Sorry, you where posting to me and to the list and I though you also
want to be personally replied.

> > that's your opinion, i'm doing all sort of checks to the headers without
> > any trouble. any postmaster has his own policy, mine includes checking
> > headers.
>
> This isn't a matter of my opinion -- this is one of the original strict
> rules about the SMTP protocol that's never really been disputed by
> anyone who has a good understanding of SMTP.


mmm ... which RFC states that is strictly forbiden to do any check
on the header addresses ? i.e some test could be done in accordance to
RFC 2822, i.e it disallows the use of 8-bit characters. Appart from
syntax checks i don't like bounces comming from other servers that use
header addresses from my domains, or any other mail using nonexistent
addresses in the headers. That's my policy and as far as I know it does
not break any RFC.

> If you think you're not having or going to have any trouble with active
> sender address validation then I really must say that you cannot
> possibly understand fully what you're doing.


I think i undertand what i'm doing. I had no problem with what i'm
doing as by now i'm only adding a header line to incoming messages
when header callout fails. From my tests rejecting such this messages
will not cause any problem if the callout could be done by using a
non null envelope sender.

> The consequences are many, varied, and deep.


which ones ?

> You will cause problems for yourself and others who
> try to communicate with your users even though nothing may be "wrong"
> with their mailers, not even in the slightest.


Please be more concise, you are just saying i will have problems and
i really could not imagine which sort of problems are you talking
about.

> Since you really should not be looking at the From: line in the first
> place.....


please argue better your position.

> Please DO NOT EVER do active address verification on any addresses from
> the body of the message (including the RFC-[2]822 headers).


why not ?

> There are almost infinitely less "dangerous" and more effective ways of
> dealing with spam than trying to do what you claim to be doing. Heck
> even using the bl.spamcop.net DNS blacklist is probably less "dangerous".


wrong, it will have lots more of false positives.

> Philip really should never have made this kind of thing possible in exim
> without serious hacking being necessary on the part of the ill-informed
> users who think they want to do it.


Please try to illuminate us better, i still cannot see any danger or
problem on header callout verification ....

--
Best regards ...

I know Karate, Kung Fu, and 47 other dangerous words

----------------------------------------------------------------
   David Saez Padros                http://www.ols.es
   On-Line Services 2000 S.L.       e-mail  david@???
   Pintor Vayreda 1                 telf    +34 902 50 29 75
   08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------