On Wed, 2006-03-22 at 16:11 +0100, Sander Smeenk wrote:
> Quoting David Woodhouse (dwmw2@???):
>
> > Rejecting mail with non-empty reverse-path to your signed addresses
> > isn't really that important, so if it's a problem you might as well
> > relax the checking.
>
> It's in *your* config my friend! :P
I know. It's not a problem for _me_ -- on the rare occasions that I've
found someone with misconfigured callouts, either they've fixed it or
they've been a postfixhead and refused to accept that it was broken
(hence the postmaster exception).
> | {${if and { {!eq {$sender_address}{}} \
> | {!eqi {$sender_address_local_part}{postmaster}}\
> | {!eq {$address_data}{verifying sender}}\
> | } \
> | {:fail: Invalid SRS bounce (Not DSN: $sender_address)}\
An old version of my config, working around bugs in an old version of
Exim. You don't need the 'verifying sender' hack any more. My current
config is at
http://david.woodhou.se/eximconf/include/routers-ses
> > It's worth reporting the problem to the offending sites though.
>
> Yea, i'm wondering what would happen if i also enabled callout on my
> server. It would probably cause loops, or not, as the sending MTA also
> uses some kind of temporary address in the callout.
No, it shouldn't cause loops. Exim's callouts generally do the right
thing, with the exception of the recipient callout -- which will use a
NULL reverse-path in the callout unless you use the use_sender option.
> I'm just curious as to what return path addresses are supposed to be
> used for. How the opinions on that are set...
For bounces and autoresponses and, by extension, for sender verification
callouts.
--
dwmw2
