Re: [exim] Strange Sender Verification behaviour

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Renaud Allard
CC: exim-users
Subject: Re: [exim] Strange Sender Verification behaviour
On Mon, 13 Feb 2006, Renaud Allard wrote:

> Here is the result of the test. The callout was cached, so I suppressed
> the cache before sending the message. I also removed greylisting because
> it would have been unpractical for debugging.
>
> I included the full file just in case.


Thanks for the test. It shows something very weird. These are the
important lines. This is the SMTP conversation during the callout check:

SMTP<< 220 digest2.cali.co.uk ESMTP server ready (Alligate v1.5.11.16-13.2-0.2)
SMTP>> HELO mail.llorien.org

SMTP<< 250 digest2.cali.co.uk
SMTP>> MAIL FROM:<>

SMTP<< 250 OK
SMTP>> RCPT TO:<mail.llorien.org-1139826047-testing@???>

SMTP<< 550 5.1.1 <mail.llorien.org-1139826047-testing@???> is not a valid mailbox
SMTP>> RSET

SMTP<< 250 OK
SMTP>> MAIL FROM:<>

SMTP<< 550 5.1.1 <mail.llorien.org-1139826047-testing@???> is not a valid mailbox
SMTP>> QUIT


Notice what happens: the first test is correctly rejected at the RCPT TO
stage. Exim then sends RSET and MAIL FROM:<> again. This time, the
remote host gives the response that Exim logs! So as far as I can
see, the remote host is behaving weirdly. (And the remote host is not
Exim.)

Why is Exim sending the RSET? Look at the form of the RCPT TO address.
That is the form used for testing "random" local parts. So I presume you
have specified verify=sender/random in your ACL. Since the "random"
local part is rejected, Exim proceeds to try to verify the actual
sender, but it never gets that far because of the bad behaviour of the
server.

I do not believe this is an Exim problem. The obvious workaround is to
remove the "random" test, at least for this domain.

I tried testing this by hand, and it is quite consistent:

$ telnet calligate2.cali.co.uk 25
Trying 62.172.47.141...
Connected to calligate2.cali.co.uk.
Escape character is '^]'.
220 digest2.cali.co.uk ESMTP server ready (Alligate v1.5.11.16-37.3-0.6)
ehlo test.domain
250-digest2.cali.co.uk
250-AUTH LOGIN
250 SIZE
mail from:<>
250 OK
rcpt to:<testunknownuser@???>
550 5.1.1 <testunknownuser@???> is not a valid mailbox
rset
250 OK
mail from:<>
550 5.1.1 <testunknownuser@???> is not a valid mailbox

So it is definitely broken.

Philip

-- 
Philip Hazel            University of Cambridge Computing Service
Get the Exim 4 book:    http://www.uit.co.uk/exim-book