Re: [exim] tiscali.be listening? Please fix your callbacks

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MSuresh Ramasubramanian at <-
 
Delete this message
Reply to this message
Author: Richard.Hall
Date:  
To: exim-users
CC: Suresh Ramasubramanian
Subject: Re: [exim] tiscali.be listening? Please fix your callbacks
Suresh,

On Thu, 17 Mar 2005, Suresh Ramasubramanian wrote:

> [please cc me with your comments, or if you're a tiscali belgium admin,
> email me offlist .. I hardly get time to read exim-users these days]
>
> OK - so one of our users on europe.com is facing trouble sending to
> tiscali.be, with an error that looks extraordinarily like a failed
> callback in exim

Maybe I'm going completely barmy, but it looks worse than that. To me.
YMMV.

> > suresh@frodo:~ telnet vs.tiscali.be smtp
> > Trying 62.235.13.102...
> > Connected to vs.tiscali.be.
> > Escape character is '^]'.
> > 220 ESMTP mail-in.tiscali.be. NO UBE/UCE tolerated.
> > ehlo frodo.hserus.net
> > 250-mail-in.tiscali.be Hello frodo.hserus.net [204.74.68.40]
> > 250-SIZE 10485760
> > 250-PIPELINING
> > 250 HELP
> > mail from: <xxx.yyy@???>
> > 250 OK
> > rcpt to: <aaa.bbb@???>
> > 550-Verification failed for <xxx.yyy@???>
> > 550-Unrouteable address
> > 550 Sender verify failed

OK, so far I agree with you.

[...]

> Sheesh. I just did another test now and chanced to be looking at my
> mail logs, on the machine I was sending from
>
> 1. Their callback / sender verification is connecting to my box
> frodo.hserus.net from which I initiated the test, and trying to verify
> the sender. Trouble is, frodo is NOT an MX for europe.com, so these
> people shouldnt be doing callbacks to the sending server anyway
>
> 2. Their callback script has a typo in it - it is issuing "quitr"
> instead of the ESMTP QUIT verb
>
> 2005-03-17 21:44:36 H=mail-in5.tiscali.be (mail-in.tiscali.be)
> [62.235.13.184]:50620 I=[204.74.68.40]:25 F=<> rejected RCPT
> <xxx.yyy@???>: Relaying Denied

3. Their callback script isn't verifying
the original sender (xxx.yyy@???),
or even the original recipient (aaa.bbb@???),
but something completely different (xxx.yyy@???)

My wild guesses?

a) They are trying to determine if you are an open relay.
b) Their sender verification is even more screwed up than you thought.

(Unless this particular log is nothing to do with your attempt to send
mail, just coincidence, or you messed something up when obscuring
addresses?)

> 2005-03-17 21:44:45 SMTP syntax error in "quitr" H=mail-in5.tiscali.be
> (mail-in.tiscali.be) [62.235.13.184]:50620 I=[204.74.68.40]:25
> unexpected argument data

Hmmm ... I'm beginning to wonder if it was just someone doing a manual
open relay test, and having finger trouble?

> 2005-03-17 21:44:48 SMTP connection from mail-in5.tiscali.be
> (mail-in.tiscali.be) [62.235.13.184]:50620 I=[204.74.68.40]:25 closed by
> QUIT

HTH,
Richard



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] relay and rewriteRe: [exim] Blank From->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)