On 01/07/2010 01:50 PM, Paul Sheer wrote:
> Hi there,
>
> We are a large ISP and we have noticed some Exim implementations
> issue RCPT TO back to us on our RCPT TO to verify the sender.
>
> They do this by establishing a separate connection to our MX -- presumably
> as an alternative to SPF -- in order to verify the authenticity of the
> sender.
>
> If this is an Exim feature, where can I get documentation on how this
> works?
http://exim.org
verify sender /callout
>
> I expect this could create a recursive loop if two mail servers that both
> implement this feature send mail between one another. How is a loop avoided?
Do the sender-verify only for non-null FROM, and using a null FROM -
just like emitting a bounce. Unless you're Microsoft.
>
> Are there any blogs, caveates, discussions about this kind of behaviour in
> general?
Some people think that sender-verifies are evil. Google.
Cheers,
Jeremy