On Wed, Jan 31, 2007 at 09:38:28AM +0000, Mike Cardwell wrote:
[...]
> No one has mentioned why sender callouts without a null sender are "bad"
> yet. As far as I can see the worse that can happen is, a remote mail
> server connects to yours, and sends a "MAIL FROM" and a "RCPT TO". You
> then connect to the MX for the domain in the MAIL FROM, and do the same,
> using the value of the "RCPT TO" in the mail from of the callout. They
> then connect back to you to do a sender callout themselves. Then it
> stops due to the cache... And this would only happen in the rare
> circumstances that both servers are using sender callouts...
>
> What part of the puzzle am I missing?
you might hit a server that doesn't use cached results;
there might be machines that do sender verification with
random return paths or something else mad (probably rare).
if you use a null return-path then these cases can't
happen because there is nowhere the remote side can make a
verification callout to. in practice it may well usually
be safe to use non-null senders.
--
``... their old car. You know, the one they call `The Envy of Sisyphus',
because it goes quite nicely up-hill if you push it.''
(Saki, from `Tobermory')