[exim-dev] [Bug 1096] New: Add mailfrom option to recipient …

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: exim-dev
New-Topics: [exim-dev] [Bug 1096] Add mailfrom option to recipient callout
Subject: [exim-dev] [Bug 1096] New: Add mailfrom option to recipient callout
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1096
           Summary: Add mailfrom option to recipient callout
           Product: Exim
           Version: N/A
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: wishlist
          Priority: medium
         Component: ACLs
        AssignedTo: nigel@???
        ReportedBy: marc@???
                CC: exim-dev@???



Right now as I understand it recipient callouts are limited to two sender
options, either an empty sender, or using the original sender.

Keep in mind that my application is that I'm running a front end spam filtering
service where I accept email for thousands of domains, clean it, and forward to
the end user's servers. The servers I forward to are not under my control, and
often are not under the control of the customer either. (The customer's ISP has
control). Therefore I have to be able to adapt to a wide variety of conditions
that I can not control.

The reason I do recipient verification is because if the recipient doesn't
exist on the customer's server I want to know that at SMTP time so that I can
reject the email while they are still connected rather that produce a separate
bounce email later.

The disadvantage of an empty sender is that some people implement "back-scatter
protection" to by hostile to sender address verification. But this
configuration is also hostile to recipient verification as well.

When using the original sender the disadvantage is that the caching is based on
sender recipient pairs so that a separate callout must be done if multiple
senders are sending to the same recipient. That increases the bandwidth usage
and the higher number of connections sometimes triggers connection count
greylisting delays on the recipient server side.

So - my thinking is that if there were a mailfrom option on recipient callouts
then I could use something like "recipient-email-verify@??? as
the sender and avoid both of the above problems. Additionally this address
would appear in the customer's logs and would let them know what the connection
was about. (As opposed to "I got this connection but it never sent any email")

Since mailfrom is already in sender verification it should be easy to allow in
recipient verification.

Can I suggest it be a hidden feature (undocumented) if there are concerns for
4.75 and then fully implement it in 4.76?


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email