On 8 Apr 2005 at 12:29, Ian FREISLICH wrote about
"Re: [exim] Sender callouts ":
| Wakko Warner wrote:
| > Ian FREISLICH wrote:
| > > So you essentially land up connecting to the remote server and go
| > > MAIL FROM:<$sender_addres>
| > > RCPT TO:<$sender_addres>
|...
| > Won't go over too well if the sender's server uses SPF. It's also possible
| > the site won't accept the sender if it's a local domain and not
| > authenticated.
|
| Hmm, I hadn't thought of that. I haven't seen it fail that way
| yet.
It would fail for messages from my domain.
|...
| If I can't at least
| verify that you would accept mail from me in return, I won't accept
| from you.
Unless I misunderstood the above, what you are testing is whether I
will accept mail from you *claiming to be from me*, which I know is a
lie because you didn't authenticate.
| Maybe that's too bloody minded and I'll be subdued by
| time and experience.
Insisting that all sites that communicate with you accept mail with
detectably spoofed sender addresses does seem too bloody-minded (or
something) to me, but it's your system...
- Fred
