On 30/03/06, Adam Funk <[EMAIL PROTECTED]> wrote: > On 2006-03-30, Peter Bowyer <[EMAIL PROTECTED]> wrote: > > >> >> But when MTA(n) rejects a message that MTA(n-1) is trying to relay, > >> >> MTA(n-1) has to bounce it, right? > >> > > >> > MTA(n-1) shouldn't accept messages to invalid recipients in the first > >> > place. If it has no direct knowledge of valid recipients, it should do > >> > callouts. > >> > >> I understood those weren't reliable because (there may be other > >> reasons?) in many cases MTA(n) is configured not to give out that > >> information because spammers could use it. > > > > The usual use case here is a 'border' MTA receiving mail for a known > > list of domains and forwarding to inner mailbox servers. In those > > controlled circumstances, recipient callouts are just fine. They > > shouldn't be used to indiscriminate destinations - but an MTA > > shouldn't be relaying for indiscriminate destinations either. > > I'm thinking of MTA(n-1) as a department's outgoinggmailhub or ISP's > smarthost. It's usually configured to accept anything from within the > IP range it's supposed to cover, and use DNS MX to pick MTA(n) for > non-local recipients. > > That's the sort of situation in which I was under the impression that > MTA(n-1) would often be unable to get the recipient-verify callout > information. Have I got this wrong?
You're right, it wouldn't use callouts. But instead, it has a closed community of known senders for whom it relays, and it can safely assume that none of them is forging its sender address - so if it gets a rejection on a relayed message, it can return it to the sender knowing that the sender address is genuine. Peter -- Peter Bowyer Email: [EMAIL PROTECTED] -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
