Re: [exim] Sender callout verification with warning only

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Phil \(Medway Hosting\)
Date:  
À: Exim Users List
Sujet: Re: [exim] Sender callout verification with warning only

----- Original Message -----
From: "Toralf Lund" <toralf@???>
To: "Exim Mailing List" <exim-users@???>
Sent: Friday, July 06, 2007 9:17 AM
Subject: [exim] Sender callout verification with warning only


> We recently found that we could no longer use Exim's sender callout
> verification on our MX because people here rely on various web services
> etc. that send auto-generated messages "from" addresses with incorrect
> local parts (and identifying all of them so that exceptions could be
> made also seemed difficult.) But, then I thought that I might at least
> add a warning if the callout fails, so the check_recipient ACL now has:
>
>   require verify = sender
>   warn    !verify = sender/callout=defer_ok
>       message = X-Sender-Warning: The email setup at
> $sender_address_domain does not accept messages to $sender_address

>
> Questions:
>
>    1. Does this look correct to you? (Note that I still want to reject
>       messages if the domain part is incorrect, hence the first test.)
>    2. What header would you use for this warning?


Do you realise that callouts are considered abusive in anti-spam circles and
are often used in certain forms of ddos attacks ? Some major mail servers
even BLOCK based on the number of callouts they receive from a given IP.
Something like 80% of emails are spam, so 80% of your callouts are being
directed at totally innocent machines. Challenge response methods should be
considered in the same way.

All the best

Phil


_____________________________________________

Website Hosting from only £5.00 per month.
www.medwayhosting.com - +44 (0)1634 856965
_____________________________________________

Digital & Traditional Printing, and much more
www.medwayprint.com - +44 (0)1634 281199
_____________________________________________