Re: [Exim] Dealiang with broken MTAs

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Alan J. Flavell
Date:  
À: Exim users list
Sujet: Re: [Exim] Dealiang with broken MTAs
On Tue, 15 Jul 2003, Tom Marazita wrote:

> I've been using callouts here for about two years, and while I have
> found them to be immensely effective I can second the comment that
> Imail servers are frequently a problem.


We use callouts to good effect on domains where their use has proven
to be effective, and I mean that in two senses.

1. there's no point in doing callout to servers which appear to say
"go ahead" (or even "address is syntactically valid"!) at the RCPT
phase no matter how preposterous an address they are presented with.
No point in wasting callouts on them, so they don't go into our
callback_domains list.

2. I think it's a great idea that some spam-suspect senders have MTAs
which respond to any bounce with "Bogus mail from" or equivalent.
They go straight into our callback_domains list, so that they can
then block themselves ;-}

> Additionally I have been running spamassassin with sa-exim:
>
> http://marc.merlins.org/linux/exim/sa.html
>
> to allow messages to be rejected during the smtp transaction.


Indeed. Considering the massive increase recently in bogus bounces
we're getting from elsewhere for mail that we never sent (i.e
"collateral spam", in which our addresses have been faked as
sender)...

Accepting stuff and then (automatically) composing rejection reports
to the (purported) envelope-sender is just no longer acceptable, if
one wants to stay a good netizen. The rejection has to be achieved
right there and then at SMTP time, IMHO.

all the best