Re: [Exim] Frozen messages showing <>

Top Page
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: Rory Campbell-Lange
CC: Exim Mailing List
Subject: Re: [Exim] Frozen messages showing <>
Rory Campbell-Lange <rory@???> wrote:
> On 19/04/04, Peter Bowyer (peter@???) wrote:
>> Rory Campbell-Lange <rory@???> wrote:
>
> We're either moving to use the exim4 box (which has been working
> fantastically well for about 6 months) for all our mail requirements,
> or passing through to Postfix on an OSX Server.


Wonder why you're considering a third flavour of MTA? You obviously have had
some success with Exim, do you need to introduce something else to learn?

Anyway....

>> - Implement callout sender verification in Exim - will stop you
>> accepting a mail if a subsequent bounce would not be deliverable
>
> Won't this break some incoming stuff, which doesn't have a correctly
> formatted 'from'? We have to be tolerant of clients with broken MUAs.


It will block incoming stuff which has an undeliverable return path. If you
have a specific need to whitelist a sender or two, you could do this by IP
address - but I've never needed to do that myself. We're talking return
path, not From: header here.

>> You'll want to fix this before your first DHA or joe-job, at which
>> time both Exim and Exchange will probably melt down.
>
> I don't know what DHA or joe-jobs are. Please enlighten me
> (particularly as they seem to have risky results!)


DHA - Directory Harvest Attack. Bad guy sends tons of emails to your domain,
addresed to commonly-found local parts. Notes which ones bounce. Makes spam
list customised to your domain with known valid recipients. With a gateway
that accepts everything, can cause nasty build up of bounces on both
Exchange and Exim.

Joe-job- Your domain is used as the return path for a spam attack or a worm
attack. Each one uses a different made-up address @your domain. You get many
thousands of bounces as a result - some are genuine NDRs, some are spam
filter complaints, some are broken virus complaints. If you can't filter
these out at the gateway, they'll go through to your Exchange box, bounce
there (possibly maxing out queues in the process), and back to Exim where
they'll freeze. Spool fills up with junk, queue runs take forever, generally
not a good thing to happen. It all goes away once you can do recipient
verification at SMTP time.

> Sorry for the questions about your answers,


No problem....

Peter