Re: [exim] Alternate callout verification sequence suggestio…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Wakko Warner
Date:  
À: Marc Perkel
CC: exim-users
Sujet: Re: [exim] Alternate callout verification sequence suggestion
Please keep me in CC and don't top post.

> You could have a special callout from address that didn't do a callout
> itself.


That's not really possible.
server A talks to server MARC. MARC does a callout with sender <> to server
A. server A thinks <> is invalid. MARC server decides to use a callout
with sender <callouttest@MARC> (for example) instead of <>. server A
decides to verify that <callouttest@MARC> is a valid address (callout if you
will) and server MARC notes that this was a callout test it had done and
immediately says this sender is OK (making note to drop actual mail to it in
the data phase, just incase this is a spammer!). server A decides that
since <callouttest@MARC> is valid, it returns ok. in the callout MARC did,
it sees it as ok and proceeds as a valid address to the original smtp
session from server A.

Now if instead that MARC was not configured to say ok to <callouttest@MARC>
and did a callout, you would run into an infinite loop (infinite being smtp
timeout or not. I think theoretically, it'd stop at the default of 5
minutes or whatever the servers are using). This scenario here is what you
want to avoid.

I have stated this at least 2 times prior on the list. Phil does not want
this capability in exim. I would assume that this is because it can easily
cause loops, which I would agree with. The responsibility is upon the
administrator who is setting up their machine to use a sender callout using
a non-null address to avoid the callout loop problem. *IF* all servers that
do callouts always use <> first and always accept <> as a valid sender, this
probably really would not be an issue. I guess that would just be wishful
thinking.

> >Marc, I actually had thought of this. The probably lies in the server who
> >originates the first callout. If you use a MAIL
> >FROM:<calloutcheck@mydomain>, you beter besure that absolutely no blocks
> >are
> >placed on that address when the server you do that callout to calls back to
> >you. There will be 2 callouts in this case. If you instead do checks on
> >that address, then you will inturn do another callout. You'll runinto a
> >loop. It would be your responcibility to prevent this from happening.
> >When
> >a check is to your callout@mydomain address, you could set a flag to deny
> >the email after data because afterall, this address never sends mail.
> >
> >
> >
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##

--
Lab tests show that use of micro$oft causes cancer in lab animals