Jeremy Harris <jgh@???> (Fr 14 Nov 2014 10:42:25 CET):
> On 14/11/14 08:29, Heiko Schlittermann wrote:
> > But it doesn't help, if they accept every recipient of their domain
> > and then generate the bounce by themselve. Creating a bcc-router
> > for empty sender addresses from their host would help probably :)
>
> You either need to convince them to configure properly as an MTA
> (do not accept-then-bounce for nonexistent accounts, this *is*
> possible with Exchange just non-default) OR get access to their
> account database from Exim so that you can do the filtering.
> The latter I've never tried; isn't AD basically LDAP?
Currently it seems that they are not able to reject at RCPT, they
reject after DATA: "550 5.1.1 User unknown".
The on this list referenced microsoft document is not wrong in stating, that
the exchanges rejects the unknown recipient at SMTP session time. There
is no statement about the phase (RCPT, DATA, …).
I think, they try to "replace" all that mail gateways they have between
the internet and the exchange. IMHO all that gateways use callout
recipient verification. With the current exchange behaviour this wont
work anymore.
Best solution would be to fix the exchange behaviour. Reading the AD
(yes, it's LDAP) is possible too, but this means I've to interpret the
meaning of the attributes they use, I have to resolve information about
group membership, forwarding, etc pp) And I need access to that AD.
Probably they won't give me that access.
Cutthrough delivery is plan B, but limited to one recipient per
message…
Heiko
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
gnupg fingerprint: 9288 F17D BBF9 9625 5ABC 285C 26A9 687E 7CBF 764A -
(gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B)-
