Re: [exim] verify = recipient/callout --> Exchange2013

Top Page
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] verify = recipient/callout --> Exchange2013
Viktor Dukhovni <exim-users@???> (So 16 Nov 2014 23:47:44 CET):

> > One good and one bad:
> >
> >     <-  220 [hidden] Exchange
> >     -> EHLO nbox
> >     <-  250-exchange.[hidden].de Hello [10.0.8.2]
> >     ...
> >     -> RCPT TO:<peter.[hidden]@foo.[hidden].de>
> >     <-  250 2.1.5 Recipient OK
> >     -> RCPT TO:<foo@foo.[hidden].de>
> >     <-  250 2.1.5 Recipient OK
> >     -> DATA
> >     ...
> >     -> .
> >     <** 550 5.1.1 User unknown

>
> This is severely broken. Such a server must not be used to handle
> mail originating outside of Exchange without prior recipient
> validation (via LDAP, or similar) by a front-end gateway the
> processes multi-recipient mail correctly.


Validation via LDAP/AD imposes several problems, I think.

    - The backend might have policies based on the sender.


    - Unterstanding the AD structure of the Exchange (Forwardings,
      Aliases, Groups, …) is probably not straight forward …


    - The owner of the AD might have reasons not to expose the 
      directory or parts of it to the front-end gateway.



> This behaviour should be configurable and it should be possible
> to disable it.


Until now I didn't see any working solution. The admins of the backend
are working on it…

PS: I'm curious how the appliances (astaro, …) will handle this case. I
think, they rely on recipient callouts too…, I'm not sure though.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
 gnupg fingerprint: 9288 F17D BBF9 9625 5ABC  285C 26A9 687E 7CBF 764A -
(gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B)-