On Wed, Nov 05, 2003 at 10:54:22AM +0200, I. Forbes wrote:
> I have been running sender callout verification for a about a week
> and I have had to turn it off again.
[...]
> 1) ALTERNATIVE CALL BACK SENDER ADDRESS
> A lot of smtp servers fail call back verification because they do not
> accept "bounce messages" ie mail from "<>" (ouch!).
> Now that is an issue, but if they are handling bona fida mail that my
> customers want to read, I need to accept it.
> Can exim be setup to use an alternate address in an additional test
> if the sending server rejects "MAIL FROM: <>" ? Ie if this test
> generates a 5xx error then try sender callout verification with with
> "MAIL FROM: <testsender@???>" (where this address passes
> local recipient verification)? The results of this should be cached
> in a hints database.
[...]
There is a reason why callback stuff uses <> as sender - otherwise you
will get loops if both systems use callback:
a.example ---sends mail from foo@??? to --> bar@???
b.example makes callback to a.example with from bar@??? to
verify foo@???
a.example in turn makes a callback to b.example to answer the
callback.
etc.
If b.example uses MAIL FROM:<> for the callback a.example won't make
the callback-callback.
> 2) LOGGING OF OTHER SERVER'S CALLOUT VERIFICATION ATTEMPTS
> There are obviously other systems that are already running callout
> verification. Any attempt to do a callout verify on them, results in
> them doing a callout verify on me.
[...]
No, see above.
cu andreas