--On Thursday, August 19, 2004 3:17 pm +0100 David Woodhouse
<dwmw2@???> wrote:
> On Thu, 2004-08-19 at 13:08 +0100, Ian Eiloart wrote:
>> What I would like to be able to do though, is respond to a rejection
>> after MAIL FROM:<> in a different way than I respond to a recipient
>> rejection.
>
> If they reject after RCPT TO:<someuser@domain> that's probably a bogus
> user so I'd like to drop any mail claiming to be from that user.
Yes, me too.
> If they reject after MAIL FROM:<> then they're clueless _and_ they've
> probably been provoked into doing so by receiving a lot of bounces to
> mail they didn't send... they're probably being joe-jobbed a lot. So
> it's a fairly good chance the mail I'm being offered is fake and hence I
> also want to drop it.
Again, me too.
> Why would I want to make a distinction between the two cases? Doesn't
> the rejection already give enough information to the offending sender,
> if in fact the message is genuine?
Well, mainly so that I can customise the response - to point to a helpful
web page. However, it looks like you've managed to achieve that. Did you
just rely on the probability that a failure on RCPT TO would probably never
be bounced to anyone?
> 550-Callback setup failed while verifying <gxsr@???>
> 550-Called: 202.108.45.232
> 550-Sent: MAIL FROM:<>
> 550-Response: 553 You are not authorized to send mail as <>
> 550-The initial connection, or a HELO or MAIL FROM:<> command was
> 550-rejected. Refusing MAIL FROM:<> does not help fight spam, disregards
> 550-RFC requirements, and stops you from receiving standard bounce
> 550-messages. This host does not accept mail from domains whose servers
> 550-refuse bounces.
> 550 Sender verify failed
--
Ian Eiloart
Servers Team
Sussex University ITS