Hi, Stuart Gall wrote: > Hello, > I have just came across two servers that are blocking empty envelope > to's > > VIZ > telnet mail.ophosting.net 25 > Trying 63.246.16.254... > Connected to mail.ophosting.net. > Escape character is '^]'. > 220 ophosting.net (IMail 8.00 37307-38) NT-ESMTP Server X1 > helo itsme > 250 hello ophosting.net > mail from:<> > 501 bogus mail from > quit > 221 Goodbye > Connection closed by foreign host. > Please report them to http://www.rfc-ignorant.org
> > I assume that this is some kind of anti spam measure > So this means > 1. They will never get a DSN > 2. sender callout will fail This is a dumb so-called antispam feature which is not rfc compliant and stops about nothing. > > > Now obviously if they do not accept DSN's undeliverable messages will > be frozen on our server and so this should be rejected. Personally I > would be quite happy to leave it at that. However one of my clients > wants to be able to receive mail from two such domains. > > So I was wondering if anyone else has came across this strange tactic. ? > If it becomes more widespread then perhaps we need an option to > specify the from address in sender callouts. I did come into such a problem. The resolution is quite simple, just contact the owner of these domains (IE: cc the postmaster of these domain when you send the evidence of their non compliance to rfc-ignorant.org) and ask them to correct their mail servers. For an example of a warning mail, you can look at http://www.rfc-ignorant.org/tools/detail.php?domain=asicorp.com&submitted=1161039519&table=dsn (yes, I do submit them automatically and there are many per day) Another (bad) solution is to do something like this in your rules: deny condition = ${if match {$sender_address_domain}{domain1.tld|domain2.tls}{no}{yes}} message = <$sender_address> does not appear to be a valid sender address. !verify = sender/callout=20s,defer_ok,random > > That way if you are using callouts as an anti spam measure then you > can use postmaster as the sender. > and retain some of the advantages. > The only problem with having a from address in the callout is that > you might get a mail callout loop if the other server is doing call > backs. Hmmm thats a big problem. > > Perhaps there should be a way to defer if the from is rejected as > opposed to the rcpt to: > > > Comments ? > > > Stuart Gall > >
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
