Re: [exim] Sender verification failing sometimes

On 15/06/11 01:40, Marc Perkel wrote:
> It's one of those things that could be true depending on how you have
> things configured. I use sender verification callouts myself without any
> problems. but I use them after a lot of other tests to reduce the number
> of callouts I have to do.
>
> The real answer is - use it lightly.
>
> I do the black lists first, verify the recipient is good, and then after
> some other test do sender verification. I've never run into a problem
> with it when used that way. But if I did it on every message then I'd
> likely have a problem.

Arhem. You have experienced problems.

As a result of one of my servers rejecting your callout you blacklisted
it automagically. My server rejected the callout because you are
seemingly permanently listed in backscatterer.org.

My server was listed twice on host karma as a spam source because of
this, so I fixed the problem by not allowing my servers to send to any
of your servers. We got the person at the other end to swap to their
gmail account so that the two friends could actually talk.

I've since relaxed my stance and now use backscatterer to only reject
once it gets to the preDATA stage, which seems to allow the abusive
callouts to happen unhindered. I still monitor these to ensure that it
doesn't get out of hand.

I've had two single domain machines obliterated by sender callouts and a
joe job. Being a small operator on the end of a multi-million (billion?)
email callout bomb is a case of throwing up your arms in surrender and
simply shutting down the server until the attack subsides.