I use sender extended callout/varification in Exim:
deny message = Sender cannot be verified
log_message = "Reject: sender cannot be verified"
!verify = sender/callout=2m,defer_ok
I find the above extremely useful in combating spam from addresses with
a real domain, but fictitious local part. However, I just noticed in
logs that mail from noreply@ type email addresses bounces back:
2017-12-29 11:35:59.004 [27104]
H=mail-cys01nam02hn0243.outbound.protection.outlook.com
(NAM02-CY1-obe.outbound.protection.outlook.com) [104.47.37.243]:59248
I=[192.168.15.2]:25 sender verify fail for <no-reply@???>:
microsoft-com.mail.protection.outlook.com [23.103.156.74] : SMTP error
from remote mail server after RCPT TO:<no-reply@???>: 550
5.4.1 [no-reply@???]: Recipient address rejected: Access
denied [DM3NAM06FT008.Eop-nam06.prod.protection.outlook.com]
I can understand why they would reject a MAIL command on that address,
as it can't receive email (if that's correct?). What is the best way to
proceed here? Add a condition to the callout acl, to check for a list of
keywords in the local part of the sender's address? Is the remote end
breaking the rules? Some other solution to fix this, maybe?