Re: [exim] Setup for authenticated submission

Pàgina inicial
Delete this message
Reply to this message
Autor: Kjetil Torgrim Homme
Data:  
A: Bill Hacker
CC: exim
Assumpte: Re: [exim] Setup for authenticated submission
On Thu, 2006-01-19 at 08:04 +0800, Bill Hacker wrote:
> Andrew - Supernews wrote:
> > It is a _NORMAL_ case for the HELO domain to be different to the domain
>
> "Not uncommon", yes, Dunno if 'Normal' fits so well w/r MTA's.


very few properly set up servers will have the domain name as their
hostname. can you imagine yahoo.com being an actual host handling
e-mail? that would have to be a serious piece of hardware :-)

> Most of the truants abandoned the connection in the first 30-45 seconds
> of their *first* jail term, 'didn't last a minute' IOW.
>
> Well-behaved MTA are more patient than the average spam engine.


we only advertise pipelining to hosts where HELO matches the reverse
DNS:

pipelining_advertise_hosts = ${if eq {$sender_host_name}{$sender_helo_name}\
                                  {*}{}}


(I'm afraid there's a one in three chance this will happen to your
server, since Exim will just pick the first PTR returned.)

we also incur a small delay (10s) for "suspicious" behaviour, and this
does indeed cause many callers to be booted due to non-conforming SMTP
implementations. if they do behave, we don't penalise them further with
SA score or such.

of course we don't try to infer any connection between HELO and MAIL
FROM.

> BTW - 'supernews.net' ?
>
> Interesting concept, that of charging a subscription fee for usenet access.


you should try setting up the infrastructure needed for a usenet server
with access to alt.binaries.*, it's not trivial either network, disk,
CPU or businesswise. I'm not sure what the traffic levels are these
days, it was 300 GB per day a couple of years ago.

--
Kjetil T.