Re: [exim] Callouts, NULL DSN

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Steve B
Fecha:  
A: exim-users
Asunto: Re: [exim] Callouts, NULL DSN
"Dave Lugo" <dlugo@???> writes:

>>
>> Well, I've got a problem with an SMTP server refusing a null DSN.
>> Apparently this guy John Levine (iecc.com) refuses any connects with a
>> MAIL FROM: <> and thus callout verification fails.
>>
>
> Eh... I suspect your statement "refuses any connects with a MAIL FROM: <>"
> is not entirely accurate.


No, I should say he responds with "250 OK" if you have something between the
"<>" and he responds with a "553 Not our message (#5.7.1)" if you simply
send a null "<>"

> If he never sent the original item that resulted in the bounce,
> WHY would he want to accept the blowback that the bounce represents?


There is no original item, he operates a mailing list for eefc.org and when
one does a callout to see if eefc@??? is a valid e-mail, he 553's you.

>> Then he point off to his own failed attempt at an RFC (BATV ,
>> draft-levine-mass-batv-01.txt ) and says that says it is okay, and what
>> we are doing it wrong.
>>
>
> 'Scuse me? Failed attempt? BATV works great, or at least the
> customers I have that have enabled it are very happy with it.


I didn't say BATV is a failure, I said the RFC was never reviewed by the
IESG or made into an official RFC.

He uses BATV as an excuse for ignoring RFC 821, 1153, 2821, 3461, advice
from sendmail, et al.

I am not saying is right or wrong. The reason I posted here is to check
myself and get other peoples opinions on this failure to accept a null DSN
which various RFC's, and sendmail.org, specifically say you should accept.

> My understanding is that due to the massive forgery of John's
> domains, he's SWAMPED with callback verifications. To him,
> they can be accurately described as a DoS he never asked for.


So somehow sending a "553" reduces the load on his system versus sending a
"250 OK"? Please explain. Well, I suppose if enough people put him in a
white list it would.

But then again, if that were the reason, he could explain that to people. If
I heard him say "For reason XXX I have been getting DoS attacked by spammers
with forged return addresses, I am ignoring the established RFC's and
standards. Please put me on an exception list in your callout/callback ACL"
then I would be fine with that.

Steve