Re: [Exim] SMTP Sender-verify callouts

Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [Exim] SMTP Sender-verify callouts
On Wed, 18 Aug 2004, Ian Eiloart wrote:

> I think that depends on what you mean by "good". In my experience,
> we reject in the region of 20,000 spams per day from sites that
> respond with an "unknown local part" error (or similar).


I'm rather sure that there are relatively few of those rejected mails
which are really offered "from" sites which then repudiate their own
senders' addresses! I'd surmise that almost all of the rejected items
are being offered to you by MTAs which have nothing to do with the
purported envelope sender domain.

So I'd have to ask you to consider, how many callouts has _that_
involved to innocent sites whose only crime was to be the victim of
this kind of fraud?

I don't know what volume of mail you handle, but if you're not
applying every possible rejection criterion that can be applied
locally /before/ you resort to trying a callout, then you're basically
throwing the work of rejecting spam onto innocent sites whose only
offence was to get their domain faked by spammers. That's not a fair
deal, IMHO.

I don't mind playing my *reasonable* part in responding to callouts
and helping to block spam; but if I was having to handle 20,000
callouts a day for spams which are really not my fault, then I might
take a different view.

(In truth of course we've no idea, when we reject a "bounce" for a
non-existent user here, whether we're rejecting a misguided
non-delivery report, or responding to a callout. I count 4k+ so far
this week on our departmental mailer. I *suppose* that most of those
are in fact misguided non-delivery reports, and that callouts are
rather unusual, but I really have no idea, nor do I know how to find
out.)

In the same time that we've responded to those 4k+ bounces, we've made
only 620 actual callouts (some of which were cached and used to reject
multiple spam attempts, of course). The key point that I'm trying to
make here is that we rejected *most* spam attempts at an earlier stage
(due to tell-tale HELO signs, DNSrbl lookups, local blacklists etc.)
rather than using the CPU of some innocent bystander to implement
callouts for us. Unacceptable HELO: about 2k, DNSrbl rejections: 3k,
local blacklists: 2k, etc. (that's so far this week) and only
resorted to callouts in a fraction of cases where experience shows
it's worth a try.

> We get about 500 per day that reject mail from the null sender,


But this is a secondary issue. The primary one is the principle of
using callout at all, and, if so, under what conditions. I suppose
we'll be hearing from Suresh shortly... ;-)

As you can see, we're a fairly small operation in global terms.
Perhaps you're already rejecting (let's say) 500,000 mails a day on
other criteria?

best regards
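
The ordering argued for in this message, sketched as an Exim 4 RCPT ACL. This is an added example, not part of the original post or any poster's actual configuration; the list names, the DNS list domain and the blacklist file path are placeholders.

```exim
# Added illustration: cheap local rejections first, callout last.
# List names, file path and DNS list domain below are placeholders.
hostlist   relay_from_hosts = 127.0.0.1
domainlist local_domains    = @

acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:

  # Our own submission hosts skip the anti-spam checks.
  accept  hosts     = +relay_from_hosts

  # 1. HELO tell-tale: a remote host greeting us with our own name.
  deny    message   = Unacceptable HELO
          condition = ${if eqi{$sender_helo_name}{$primary_hostname}}

  # 2. DNS list lookup on the connecting IP (placeholder list domain).
  deny    message   = $sender_host_address is listed in $dnslist_domain
          dnslists  = dnsbl.example.invalid

  # 3. Local blacklist of hosts (hypothetical file of host patterns).
  deny    message   = Locally blacklisted
          hosts     = /etc/exim/local_host_blacklist

  # 4. Only mail that survived checks 1-3 gets this far, so only that
  #    mail causes an SMTP connection to the purported sender's domain.
  #    Exim caches callout results, so repeat senders reuse the answer.
  deny    message   = Sender verification failed
          !verify   = sender/callout

  # Local recipients must exist; everything else is refused.
  accept  domains   = +local_domains
          verify    = recipient

  deny    message   = Recipient not accepted
```

ACL statements are evaluated top to bottom and the first `deny` that matches ends processing, so a message rejected by checks 1-3 never triggers the callout in check 4.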