Autor: Marc Perkel Datum: To: exim-users Betreff: Re: [exim] Sender verification failing sometimes
On 6/14/2011 6:02 PM, Ted Cooper wrote: > On 15/06/11 01:40, Marc Perkel wrote:
>> It's one of those things that could be true depending on how you have
>> things configured. I use sender verification callouts myself without any
>> problems. but I use them after a lot of other tests to reduce the number
>> of callouts I have to do.
>>
>> The real answer is - use it lightly.
>>
>> I do the black lists first, verify the recipient is good, and then after
>> some other test do sender verification. I've never run into a problem
>> with it when used that way. But if I did it on every message then I'd
>> likely have a problem.
> Arhem. You have experienced problems.
>
> As a result of one of my servers rejecting your callout you blacklisted
> it automagically. My server rejected the callout because you are
> seemingly permanently listed in backscatterer.org.
>
> My server was listed twice on host karma as a spam source because of
> this, so I fixed the problem by not allowing my servers to send to any
> of your servers. We got the person at the other end to swap to their
> gmail account so that the two friends could actually talk.
>
> I've since relaxed my stance and now use backscatterer to only reject
> once it gets to the preDATA stage, which seems to allow the abusive
> callouts to happen unhindered. I still monitor these to ensure that it
> doesn't get out of hand.
>
> I've had two single domain machines obliterated by sender callouts and a
> joe job. Being a small operator on the end of a multi-million (billion?)
> email callout bomb is a case of throwing up your arms in surrender and
> simply shutting down the server until the attack subsides.
>
I don't remember the details of this but I try to get the hostkarma list
right. So if there's a mistake I want to figure it out and fix it. If
your server was telling my server that the sender didn't exist then you
might have been miscatagorized as a spam source. And I can whitelist
around mistakes.
If your server rejected my callouts then your server was giving my
servers wrong information. And if I get wrong information then it leads
to errors. I'm still willing to work with you to make sure it doesn't
happen again.
Backscatter has me permanently blacklisted because they don't like my
outspoken position on sender verification. I have them permanently
blacklisted because I blacklist anyone who deliberately interferes with
the operation of my business. If you rely on backscatterer and it
resulted in you accidentally getting listed on my list, that's not my
fault. Unlike backscatterer however I try to get it right. I have
exception lists for almost everything. I can white list your IP and/or
host name to make sure you aren't wrongly listed.