On 2017-12-29, Sebastian Arcus via Exim-users <exim-users@???> wrote:
> I use sender extended callout/varification in Exim:
>
> deny message = Sender cannot be verified
> log_message = "Reject: sender cannot be verified"
> !verify = sender/callout=2m,defer_ok
>
> I find the above extremely useful in combating spam from addresses with
> a real domain, but fictitious local part. However, I just noticed in
> logs that mail from noreply@ type email addresses bounces back:
>
> 2017-12-29 11:35:59.004 [27104]
> H=mail-cys01nam02hn0243.outbound.protection.outlook.com
> (NAM02-CY1-obe.outbound.protection.outlook.com) [104.47.37.243]:59248
> I=[192.168.15.2]:25 sender verify fail for <no-reply@???>:
> microsoft-com.mail.protection.outlook.com [23.103.156.74] : SMTP error
> from remote mail server after RCPT TO:<no-reply@???>: 550
> 5.4.1 [no-reply@???]: Recipient address rejected: Access
> denied [DM3NAM06FT008.Eop-nam06.prod.protection.outlook.com]
>
> I can understand why they would reject a MAIL command on that address,
> as it can't receive email (if that's correct?). What is the best way to
> proceed here?
Do you want this email?
> Add a condition to the callout acl, to check for a list of
> keywords in the local part of the sender's address? Is the remote end
> breaking the rules? Some other solution to fix this, maybe?
Personally I only use extensive verification on postmaster, abuse, and
other accounts that should only get mail from humans.
--
This email has not been checked by half-arsed antivirus software