Re: [exim] timeouts

On Sat, 1 Jan 2005, Suresh Ramasubramanian wrote:

> (we've been known to temporarily turn off MAIL FROM:<> for
> particular domains when they're being heavily dictionary attacked)

If you 5xx it, then we'd 5xx the mail offer to us; if you 4xx, it then
we'd defer the offer.

The consequence of that in a proportion of cases (mostly spammers) is
that no further attempt will be made - just as with greylisting.
Which is a nice side-effect. Whereas in some other proportion of
cases, the offering MTA will keep retrying on their normal retry
schedule. Which in turn will produce a series of callouts...

> anyway - as long as it works for you, and as long as you do stuff to
> minimize the number of callouts, like you do -
>
> 1. apply lots of other filters first (helo filters, dnsbls etc)

Sure thing.

> 2. cache callout data

exim will cache the definite results (positive or negative) of a
callout response, and we're definitely making use of that (as
inspection of the log makes clear).

But AIUI it takes no particular cacheing action if the callout gets
4xx-ed. Which leads to the undesirable situation mentioned above.
At least that is how I understand what I'm seeing in the logs -
correct me if I'm missing a point.

It could well be useful to have a callout-cacheing mechanism which
remembers that a callout produced a 4xx response, and limits the
frequency with which callouts will be attempted on that address or
domain. Meantime, repeated offers "from" that address or domain would
just be 4xx-ed without attempting repeated callouts.

all the best