Re: [Exim] Callout timeouts: opinions sought

Top Page

Reply to this message
Author: David Woodhouse
To: Ian Eiloart
CC: Philip Hazel, exim-users
Subject: Re: [Exim] Callout timeouts: opinions sought
On Thu, 2004-08-19 at 13:08 +0100, Ian Eiloart wrote:
> What I would like to be able to do though, is respond to a rejection after
> MAIL FROM:<> in a different way than I respond to a recipient rejection.

If they reject after RCPT TO:<someuser@domain> that's probably a bogus
user so I'd like to drop any mail claiming to be from that user.

If they reject after MAIL FROM:<> then they're clueless _and_ they've
probably been provoked into doing so by receiving a lot of bounces to
mail they didn't send... they're probably being joe-jobbed a lot. So
it's a fairly good chance the mail I'm being offered is fake and hence I
also want to drop it.

Why would I want to make a distinction between the two cases? Doesn't
the rejection already give enough information to the offending sender,
if in fact the message is genuine?

550-Callback setup failed while verifying <gxsr@???>
550-Sent:     MAIL FROM:<>
550-Response: 553 You are not authorized to send mail as <>
550-The initial connection, or a HELO or MAIL FROM:<> command was
550-rejected. Refusing MAIL FROM:<> does not help fight spam, disregards
550-RFC requirements, and stops you from receiving standard bounce
550-messages. This host does not accept mail from domains whose servers
550-refuse bounces.
550 Sender verify failed