[Exim] Re: Fallback to smarthost on 5xx?

Top Page
Delete this message
Reply to this message
Author: Daniel M. Drucker
Date:  
To: exim-users
Subject: [Exim] Re: Fallback to smarthost on 5xx?
> What I would *like* to do, is route messages through a smarthost, if
> they're rejected. The obvious problem with this is that the error given
> is usually a 5xx, which is to perm fail messages.


I'm in as similar situation. My machine is hosted at ServerPronto[1]; it was
about two weeks after I'd gotten everything up and running that I realized
that ServerPronto is part of Infolink, and therefore RBLed by many many
people. Doing what you've suggested was my first idea, but there's another
problem you haven't thought of -- being rejected at SMTP-time is only the
tip of the iceburg. In the situation we are in, being rejected at SMTP-time
is actually a good thing - it lets us know right away that we're being
filtered. However, the vast majority of receiving hosts do NOT black RBL'd
hosts at SMTP -- but they DO, perhaps, filter mail based on Received lines
using SpamAssassin.

In other words, the smarthost is probably the way to go for all your mail.
I'm routing my outgoing mail through my machine in my office (at a
university), with a little trick:

received_header_text = \
        "Received: (Exim ${version_number})\n\
        \tprotocol: ${received_protocol}\n\
        \tContact <postmaster@???> for explanation of why no IP appears
in this hop.\n\
        \tid ${message_id}\n\t"


That way, my sending host's "dirty" IP doesn't end up in the Received
headers, and thus receiving machines' SpamAssassin won't trigger.

> it probably breaks RFC. If it does, please slap me.


My solution definitely breaks RFCs, and if anyone here has a suggestion for
an improved received_header_text value which still does not include the IP
address of the sending host, I'd very much like it. I want to break the RFC
as gently as possible while still allowing my mail to not be tagged as spam.

[1] To be fair to ServerPronto, they're offering a rather incredible
service... $30 for my own server (not UML), with a very fast connection and
(so far) not a single ping lost or over 50ms out of any of the ones I've
sent it from my home monitoring software every 30 seconds for two months...
they just have some unfortunate lineage (and therefore a tainted netblock).

-- Daniel Drucker / dmd@???