Autor: W B Hacker Data: A: exim-users Assumpte: Re: [exim] What's up ith the uceprotect blacklist?
Philip Hazel wrote:
> On Tue, 17 Oct 2006, Rene Marticke wrote:
>
>
>>let me explain two scene why this callouts are abuse.
>>
>>1.
>>me@domA send mail to you@domB
>>--> domB callout whith postmaster@domB if me@domA is valid.
>>--> domA use callout to -> so call domB if postmaster@domB is a valid
>>user .... loop
>
>
> That is precisely why Exim does *not* do a callout with postmaster@domB
> to verify a sender. It does the callout with "<>" as the sender. We've
> had this discussion several times. There are some options for varying
> the callout sender for recipient verifications (when one is generally
> talking to another of your own MTAs), but not for sender verifications.
>
ACK. Exim is polite and 'careful'. Most other 'major' MTA are as well.
- But even if all were such, spammers/zombies have poisoned the well, making
mailadmins ever more paranoid. Chances of blacklisting aside, fewer and fewer
servers give useful responses.
A defensive 'delay' vs typical callout timeout alone means I may even defeat
such checks between my *own* servers! Else need more patience than is warranted
for the already dodgy results...