On Sun, Feb 05, 2006 at 07:53:18PM +0000, Adam Funk said: > On Sunday 05 February 2006 00:59, Stephen Gran wrote: > > However, asking exim > > to do this will violate so many normative standards of mail handling I > > am just not sure it's a good idea. A 5xx is a permanent reject and > > should be considred so - I know that at the larger sites I admin, when > > I see a mail I have just 5xx'ed retried, I assume it is spam, and try > > to come up with a rule that will catch it as well. > > The way I read that, you mean that if you reject a message I've tried to > route directly, you assume it's spam when you see it later coming through > a "smarthost". Is that right? Even though what you want is for us to > route through the smarthosts?
I realize I was unclear. What I meant was, when I get the chance to manually review the logs from exim, which isn't often enough, I look for extra stuff to 5xx. If I see a pattern that looks like: H=host1 F=<[EMAIL PROTECTED]> rejected RCPT <[EMAIL PROTECTED]> (some reason) followed shortly by <= [EMAIL PROTECTED] H=host2 => [EMAIL PROTECTED] I look at it and say to myself, "that looks like spam. How can I stop host2 from delivering that to us?" > > I am sorry, but the > > wish to work around a permanent failure just seems like a bad idea. It > > is just so fundamental to the basic concepts of SMTP handling that I > > can't imagine the good outweighing the bad. > > The problem that Daevid and I have had is that (1) our Exim bounces a > message because you (for example) reject it because we're on a blacklist; > (2) so we have to add that domain to the list of smarthosted destinations > -- which is what you want us to do, right? -- then resend the message. > > The problem is that we discover (1) and carry out (2) at some indefinite > later time. All we want is the ability to configure Exim to do for us > automatically and promptly what we now have to do manually and later -- > that certainly sounds like a job for a computer program to me. To be clear, I do not outright 5xx on any blacklist. I expect a reasonably run mailserver to meet the following criteria: the helo name matches the rdns the helo name isn't fundamentally broken (isn't exchange_server.local, for instance) forward and reverse dns match And then a few other tests a reasonably configured MX should pass. If you run a mailserver that can't match the 3 tests above, you probably are not on a network that will be able to deliver mail reliably to anyone. The issue of RBL's is really secondary, but I do use it as secondary scoring criteria for acceptance tests. I am not entirely happy about it, but the days of running mail servers off of hobby lines being over is probably fast approaching. I am in the same boat (although my rDNS and so forth match, so it will take a little longer to sift me out with the rest of the trash). I am realistic, though - the place to work around remote policies is not inside of exim. -- -------------------------------------------------------------------------- | Stephen Gran | BOFH excuse #203: Write-only-memory | | [EMAIL PROTECTED] | subsystem too slow for this machine. | | http://www.lobefin.net/~steve | Contact your local dealer. | -------------------------------------------------------------------------- -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
