Re: [exim] Sender callouts

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Ian FREISLICH
日付:  
To: Jeremy Harris
CC: exim-users @ exim. org
題目: Re: [exim] Sender callouts
Jeremy Harris wrote:
> Ian FREISLICH wrote:
> > Wakko Warner wrote:
> >
> >>Ian FREISLICH wrote:
> >>
> >>>So you essentially land up connecting to the remote server and go
> >>>MAIL FROM:<$sender_addres>
> >>>RCPT TO:<$sender_addres>
> >>>
> >>>There are many sites that reject <> and are not listed on
> >>>dsn.rfc-ignorant.org. My experience is that these sites correctly
> >>>verify for some non null sender. If they're so broken that they
> >>>do callouts for senders that are local and sender callout bomb
> >>>themselves, well that's somebody elses problem isn't it?
> >>
> >>Won't go over too well if the sender's server uses SPF. It's also possible
> >>the site won't accept the sender if it's a local domain and not
> >>authenticated.
> >
> >
> > Hmm, I hadn't thought of that. I haven't seen it fail that way
> > yet. Still, the callout will fail and their mail won't be accepted
> > which is no different to the current situation except that the
> > number of FP callout rejections is reduced. If I can't at least
> > verify that you would accept mail from me in return, I won't accept
> > from you. Maybe that's too bloody minded and I'll be subdued by
> > time and experience.
>
> If you're going to be bloody-minded (I am, too) why accept mail
> from sources that won't accept a properly-constructed bounce?


Our users are not as bloody minded as I am. They complain like
stuck pigs when their mail does not arive within 5 seconds of it
being sent. We've all done very good job of making email too
relaible.

For instance:

[ian] ~/cvswork/src/mail-NG/config $ telnet borg.xsinet.co.za 25
Trying 196.36.190.84...
Connected to borg.xsinet.co.za.
Escape character is '^]'.
220 pidgey.xsinet.co.za ESMTP Postfix (NO UCE DEMNIT)
HELO foo
250 pidgey.xsinet.co.za
MAIL FROM:<>
250 Ok
RCPT TO:<foobar@???>
450 <foobar@???>: Recipient address rejected: Policy Rejection: Please try later -- Greylisting in progress
421 pidgey.xsinet.co.za Error: timeout exceeded
(after ~60 seconds)

Our users complain that mail takes too long to or from this domain
(and counless others) when the callout defers. So much so that I
had to add /defer_ok to the callout. What do you do with people
that just do stupid things - it's not our fault they have no clue
and sadly the internet is _full_ of them.

Ian

--
Ian Freislich