Re: [Exim] Re: misconfigured mail server

Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [Exim] Re: misconfigured mail server
On Sun, 1 Jun 2003, Patrick Starrenburg wrote:

> Or have option to reject with a 5xx
> error so the sender knows problem straight away.


As so often in exim, all the necessary mechanisms are already there
(praise Phil!): you only need to use them appropriately!

Let the error pass at HELO time, just proceed on to RCPT time, check
whether the addressee is at least postmaster - and/or support/abuse
whatever you want; if not, then check the helo name, and tell them the
good news with a 'deny' and a helpful diagnostic.

Then you'll find the usual consequences:

1. if the MTA at the other end is from you-know-who, then your
carefully composed error diagnostic will likely be tossed aside and an
error diagnostic invented from whole cloth, i.e. in this case the poor
sender will likely be informed that their intended recipient does not
exist (been there, got the T-shirt).

2. Even if the MTA at the other end is self-respecting
internet-conforming software, the punter won't bother to read your
helpful diagnostic, but will firmly grasp the wrong end of the stick
and take some totally inappropriate action...

But RFCx82y still say what they say, and you have them on your side.
OK, maybe it's sometimes diplomatically inadvisable to stand on
principles... we have been known to set up exception entries to allow
certain misconfigured MTAs to get past that point, once they had been
recognised...[1]

By the way, we recently instituted a block for senders who present our
own numerical IP address (without brackets) as HELO domain, and it's
astonishing how much spam it's catching! I suppose as the word gets
around, then spammers will just stop doing such an obvious thing, but
while it lasts, I can definitely recommend it.

[1] Since senior management seem to be quite accustomed to getting
infested with viruses; having to reboot at least once a week - if not
several times a day; having their PC break down under mysterious
circumstances just when it matters most, and so on and so forth: you
only have to pretend that it was 'computer error' and they'll
understand! They have no idea that out there, beyond their
comprehension, there is a world where computers run without rebooting
for many months or even years on end, and do what their admins
actually configure them to do (i.e. in this case to conform with
internet RFCs ;-) without stepping in and applying some
incomprehensible rules dreamed up by the vendor.
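
The approach described in the message above, sketched as an Exim 4 ACL fragment. This is an added example, not configuration from the original post: it assumes "check the helo name" means Exim's `verify = helo`, and the list name `helo_exempt_hosts` with its 192.0.2.25 entry is a constructed placeholder.

```exim
# Main configuration section.
domainlist local_domains = @
# Constructed placeholder: recognised misconfigured MTAs granted an exception.
hostlist helo_exempt_hosts = 192.0.2.25
# Attempt HELO verification for every host, but never reject at HELO time.
helo_try_verify_hosts = *
acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:
  # Mail to postmaster/abuse is accepted before any HELO check, so the
  # admin of a misconfigured site can still reach a human here.
  accept  domains     = +local_domains
          local_parts = postmaster : abuse

  # HELO name equal to this server's own IP address, without brackets.
  # Older releases name this variable $interface_address.
  deny    message   = HELO/EHLO name $sender_helo_name is this server's address, not yours
          condition = ${if eq{$sender_helo_name}{$received_ip_address}}

  # Everyone else: 5xx at RCPT time with a diagnostic, unless exempted.
  deny    message   = HELO/EHLO name $sender_helo_name does not verify for your host; mail to postmaster is still accepted
          !hosts    = +helo_exempt_hosts
          !verify   = helo

  # The site's usual relay and recipient checks continue from here.
```

Comments sit on their own lines because Exim only treats a `#` at the start of a line as a comment.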