Re[3]: [Exim] Callout verification

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MMatthew Byng-Maddick at <-
MRussell King at ->
Delete this message
Reply to this message
Author: Andy Fletcher
Date:  
To: exim-users
Subject: Re[3]: [Exim] Callout verification
-----Original Message-----
Friday, May 7, 2004, 12:08:58 PM, you wrote:


> On Fri, 7 May 2004, Andy Fletcher wrote:

>> My knowledge of exim may show as thin here, but don't forwarded
>> addresses get verified with recipient verification - if someone sets
>> and alias to forward elsewhere, then the destination address is
>> checked?

> Only by trying to deliver the message to it. :-) There is no point in
> pre-verififying. (You are probably thinking of errors_address, but that
> is verified without callout.)

I read this in the manual:

"When an incoming address is redirected to just one child address,
verification continues with the child address, and if that fails to
verify, the original verification also fails."

Am I interpreting this wrong? If so, you win :-) If not, is my point
valid?

>> I'm still not sold on why "use_sender" is a good idea on recipient
>> callouts, but not sender.

> It it only a good idea if the hosts to which you make the callout alter
> their behaviour depending on the sender (e.g. sender A is permitted to
> mail to recipient B, but sender C is not). Otherwise, it just wastes
> resources because the caching is not so effective.

> Typically, internal hosts to which you do recipient callouts will trust
> the gateway host, so will not themselves be doing sender callout checks.

I think I've lost my argument that both are liable to the same
conditions of loops, though I still maintain the arguments against
callout "use_sender" on sender verification can be applied to
recipient checks too.

Personally, do you have a suggestion as what to do about broken
mailservers rejecting the a null MAIL TO? I know it's wrong, and I'd
love to re-educate the admins of these servers, but sometimes it's not
practical to do so... and there do seem to be a lot of servers
configured to do this, it's not just the odd isolated incident. Is
is worth considering the point at which the 5xx code is returned,
personally I would say it is - but I'm sure others disagree :-)

Any thoughts/suggestions welcome.





This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] Exim References: Lists[Exim] Re: Anything wrong with rejecting bounces for addresses which don't send mail?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)