[exim] Ordering of random vs. real sender verification callo…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
MW B Hacker at ->
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: exim users
Subject: [exim] Ordering of random vs. real sender verification callout
I've just encountered a host which seems to temporarily firewall me for
a minute or two after I give it a bogus RCPT TO:.

So what happens is this:

Exim connects and does a random callout, which is correctly rejected.
On sending RSET, it just gets a TCP FIN back. Exim attempts to make
another connection, and its SYN packets are just ignored.

Five minutes later, the sender tries again. This time, the random
callout result is cached, so Exim goes straight to verifying the _real_
address. The verification passes, and the mail is accepted.

Perhaps we should be doing our callouts in the opposite order -- the
real address (which we expect to succeed) before the random address
(which we expect to fail)?

Yes, that means that in the case where the random address _does_
succeed, we're pointlessly checking the real address too. But only once,
and we're still doing it all in only a single connection.

--
dwmw2


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Sender callout verification on BATV signed addressesRe: [exim] Ordering of random vs. real sender verification callout->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)