Re: [Exim] Sender verification... long-term temporary failur…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Alan J. Flavell
Date:  
À: Exim users list
Sujet: Re: [Exim] Sender verification... long-term temporary failures should be considered permanent.
On Thu, 30 Oct 2003, David Woodhouse wrote:

> My dialup account


I've no expertise with intermittently-connected MTAs, but the rest of
the question seems interesting even so...

> gets lots of spam, much of it from domains for which
> sender verification attempts _always_ result in a 'temporary' failure;
> causing a 4xx rejection and my ISP to continue attempting to resend the
> mail to me ad infinitum.


Sounds a familiar scenario, except that "infinitum" shouldn't be more
than 5 or 7 days? Even so: for spams, that time is too high, and can
leave quite a lot of noise in the logs, especially if the offering MTA
has too enthusiastic a retry strategy. On our relatively small-scale
mailer, when I spot such behaviour in the log I drop the offending
domain manually into an "unreachable_domains" list.

      deny    sender_domains = partial-dbm;CONFIG_DIR/unreach_domains.db
              message = We are currently unable to accept mail from \
              $sender_address_domain\n\
              because that mail domain is persistently unreachable or not\n\
              responding properly, for reasons that are outside our control.
[...and so on...]


I also, now and again, run a manual script which simulates callouts to
those blacklisted domains, and suggests candidates for removal from
the blacklist. It's not very good, just a bit of hand-knitted Perl
(actually it would be useful to have some kind of "exim -btXXX ..."
option which tested address callouts using exim's own callout
strategy...)

> We already cache address verification results.... can we also cache
> temporary failures,


Let me say what I think you meant, just so we're clear: you want to
make a fresh callout each time, but in the event of a temporary
failure, you want to check whether this is part of a regular pattern
of temporary failures, right?

> and consider them to be permanent failures after a certain number of
> days?


Usually, a solution to this kind of requirement would be a little
Perl script - invoked via ${run...} if you haven't got the Perl
scripting interface in your exim build.

Now, from this point on, I'm "thinking aloud", so don't take anything
at face value...

However, we had a bit of a discussion here before on whether it was
possible to take a three-way path according to whether an ACL test
gave positive or negative answer or failed to complete; but I don't
recall any way that the ACL could take a specific action on failure to
complete.

So, unless I'm missing something, it seems to me you'd need a bit of
sleight of hand, e.g preparing some kind of persistent timestamped
data record *before* attempting the callout test, which you would then
erase if the test completed, but would be left hanging around if
the callout timed-out. (Am I making some kind of sense?).

If this kind of manoeuvre is attempted for every incoming mail,
though, I have the gut feeling it could cause quite an overhead.

But if you only use callouts to pre-selected patterns of domain, then
that might not be so bad.

But as I say - composed on the hoof and YMMV and so on.