On Mon, Apr 05, 2004 at 12:37:13PM +0100, Bruce Richardson wrote:
> On Mon, Apr 05, 2004 at 01:02:52PM +0200, Tamas TEVESZ wrote:
> > On Mon, 5 Apr 2004, Bruce Richardson wrote:
> >
> > > > a) Exim is now using the original sender address rather than <>
> > > > to do callouts
> >
> > > the RCPT stage, because that's when the callout is happening. The
> > > problem is entirely point a). Which is a big problem.
> >
> > because? that's how it will be sent on to the internal host, afterall.
>
> It's a bloody big problem because Exim doesn't detect a rejection of the
> MAIL verb, It treats a rejection of the MAIL verb as a rejection of the
> RCPT verb and then, presumably because this change was unitentional,
> WRONGLY REJECTS EVERY SINGLE RECIPIENT FOR THAT DOMAIN, based on
> incorrect cached callout data. Are you quite clear about that, now?
On further investigation, this is clearly a bug. The exim documentation
states quite clearly that the sender address in callout verification is
<>. It also says:
"If a host gives a negative response to an SMTP connection, or rejects
any commands up to and including
MAIL FROM:<>
any callout attempt is bound to fail. Exim remembers such failures
in a
domain cache record, which it uses to fail callouts for the domain
without making new connections, until the domain record times out."
This is what Exim has been doing to me, because it is passing on the
actual sender, rather than <>, and then treating the recipient mail
system as if it had rejected "MAIL FROM:<>".
--
Bruce
Nostalgia isn't what it used to be.