At 9:23 AM +0000 1/29/04, Ian A B Eiloart wrote:
>>>> require verify = sender/callout
>>>>[...]
>>>>
>>>>Now if I understand this correctly, the verify sender should check
>>>>that the sender is valid, at least from a delivery standpoint. So I'd
>>>>imagine that if a message delivery attempt was made from a
>>>>non-existant user at a fake domain that the message would get
>>>>rejected, but this doesn't appear to be the case for me:
>>>
>>>
>
>Hmm, that should work - provided you made sure that your test domain really
>doesn't have a mail server. You should use EXAMPLE.COM: a domain that is
>guaranteed to be non-existant by RFC whateveritis.
>
I'm pretty sure that the tests I tried don't match real domains.
>Note that success on a sender verify callout does not guarantee that the
>user exists.
Understood, but just knowing that the host exists is enough.
>Are you sure that the callout is going to the correct host, and not to a
>local relay? I've tried your test, using a bad sender address from our
>domain while snooping the network, and I haven't seen any attempt on your
>part to contact our server.
I'd agree, it's not sending out any sender verification. As for why
that is I don't understand.
--
-dhan
------------------------------------------------------------------------
Dan Shoop shoop@???
Consulting Internet Architect shoop@???
AIM: iWiring
pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF 12B1 7840 3BE7 3736 DE0B
iWiring designs and supports Internet systems and networks based on
Mac OS X, unix(tm), and Open Source applications technologies and
offers 24x7, guaranteed support to registered clients. How can we help?