[exim] Ordering of random vs. real sender verification callo…

Top Page
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: exim users
Subject: [exim] Ordering of random vs. real sender verification callout
I've just encountered a host which seems to temporarily firewall me for
a minute or two after I give it a bogus RCPT TO:.

So what happens is this:

Exim connects and does a random callout, which is correctly rejected.
On sending RSET, it just gets a TCP FIN back. Exim attempts to make
another connection, and its SYN packets are just ignored.

Five minutes later, the sender tries again. This time, the random
callout result is cached, so Exim goes straight to verifying the _real_
address. The verification passes, and the mail is accepted.

Perhaps we should be doing our callouts in the opposite order -- the
real address (which we expect to succeed) before the random address
(which we expect to fail)?

Yes, that means that in the case where the random address _does_
succeed, we're pointlessly checking the real address too. But only once,
and we're still doing it all in only a single connection.

--
dwmw2