Author: Marc Perkel Date: To: Renaud Allard CC: exim-users Subject: Re: [exim] Verification Question - Random
Renaud Allard wrote: > Marc Perkel wrote:
>
>> Renaud Allard wrote:
>>
>>> Marc Perkel wrote:
>>>
>>>
>>>> Ok - this random command has me interested. I'm using callouts but
>>>> trying to reduce them as much as possible. If a do a random call and it
>>>> succeeds then the caching with prevent other callouts from doing real
>>>> calls. I suppose what I want to do is if the random callout fails then I
>>>> should not do a random callout for that domain again for a period of time.
>>>>
>>>> Is there any caching so that if I do a random callout that fails that
>>>> the fact that it failed is cached?
>>>>
>>>>
>>>>
>>> That is exactly the purpose of the random feature. It caches succeeded
>>> random callouts and doesn't retry for a period of time.
>>>
>>>
>> Yes - but you also mentioned that you got blacklisted for using it. I'm
>> wondering if the reason it happened is because you were verifying
>> domains that were not open to random addresses. That perhaps it
>> remembvers random success as a wildcard for that domain but if it fails
>> on random then it doesn't remember that?
>>
>> I'm trying to understand how to use this, but I don't want to get
>> blacklisted. In fact, I'm already dealing with being blacklisted for
>> callouts.
>>
>>
>
> I used it for sender verification, not for recipient verification. There
> is a continuous debate about this kind of verification when there is a
> massive joe job. So this is a dilemma if you wish to verify every each
> address, you should accept being blacklisted. I think sender
> verification should only be used when the mail is already a spam suspect.
>
> If you use it for recipient verification, that generally means you are
> an MX gateway for some domains and that they should trust you if they
> are renting your services. If domains you are an MX for blacklist you or
> make you blacklisted, they just should fix their configuration.
>
>
>
I run a front end spam filtering service. To reduce sender verification
I do recipient verification first. The idea being that if the recipient
fails then I need not verify the sender. But some of my customers will
accept anything so I end up doing sender verification on every message
for them.
So - my original thinking as if the customer accepted any address I
wouldn't do sender verification for them.
But - this random thing looks very interesting. I can see how it would
prevent a lot of lookups if the sender accepted random addresses. But
would it result in additional callouts if the sender does NOT accept
random addresses.
Ideally if the random call failed then Exim should remember that to and
not make a new random call the next time. The docs say that it remembers
if the random call suceded, but will it remember if it fails?