I think random callouts should use a recipient that is random but uniquely determined by some local and remote characteristics like, for instance, local and remote hostnames. Otherwise random callout will fail when confronted to greylisting. I have also noticed a potential problem with caching within a session, see below.
I have two callout acls to emulate a multiple level callout result, but because of the cache this should not need any more callouts than a single acl. I simulated a session from lists.samba.org because that server uses greylisting also for null envelope senders. exim -bhc gives: >>> check verify = sender/callout=30s,random [...] >>> Attempting full verification using callout >>> callout cache: found domain record >>> callout cache: need to check random address handling (not cached or cache expired) >>> interface=192.168.50.12 port=25 >>> Connecting to dp.samba.org [66.70.73.150]:25 from 192.168.50.12 ... connected >>> SMTP<< 220 lists.samba.org NO UCE ESMTP Postfix >>> SMTP>> HELO ns.ondecorte.net >>> SMTP<< 250 lists.samba.org >>> SMTP>> MAIL FROM:<> >>> SMTP<< 250 Ok >>> SMTP>> RCPT TO:<randomaddress1> >>> SMTP<< 450 < randomaddress1 >: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/ help/lists.samba.org.html) >>> SMTP>> RSET >>> SMTP<< 250 Ok >>> SMTP>> MAIL FROM:<> >>> SMTP<< 250 Ok >>> SMTP>> RCPT TO:<envelopesender> >>> SMTP<< 250 Ok >>> SMTP>> QUIT >>> wrote callout cache domain record: >>> result=1 postmaster=0 random=0 >>> wrote positive callout cache address record [...] >>> check !verify = sender/callout=30s,random >>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>> routing [EMAIL PROTECTED] >>> lists.samba.org in "dsearch;/usr/local/conf/exim/domains"? no (end of list) >>> lists.samba.org in "! +local_domains"? yes (end of list) >>> calling dnslookup router >>> 66.70.73.150 in "0.0.0.0 : 127.0.0.0/8 : 169.254.0.0/16 : 192.168.0.0/16"? no (end of list) >>> routed by dnslookup router >>> Attempting full verification using callout >>> callout cache: found domain record >>> callout cache: need to check random address handling (not cached or cache expired) >>> interface=192.168.50.12 port=25 >>> Connecting to dp.samba.org [66.70.73.150]:25 from 192.168.50.12 ... connected >>> SMTP<< 220 lists.samba.org NO UCE ESMTP Postfix >>> SMTP>> HELO ns.ondecorte.net >>> SMTP<< 250 lists.samba.org >>> SMTP>> MAIL FROM:<> >>> SMTP<< 250 Ok >>> SMTP>> RCPT TO:<randomaddress2> >>> SMTP<< 450 <randomaddress2>: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/ help/lists.samba.org.html) >>> SMTP>> RSET >>> SMTP<< 250 Ok >>> SMTP>> MAIL FROM:<> >>> SMTP<< 250 Ok >>> SMTP>> RCPT TO:< envelopesender > >>> SMTP<< 250 Ok >>> SMTP>> QUIT >>> wrote callout cache domain record: >>> result=1 postmaster=0 random=0 >>> wrote positive callout cache address record and indeed a dump of the callout database gives: 17-Jun-2007 22:48:01 lists.samba.org callout=accept postmaster=unknown random=unknown 17-Jun-2007 22:48:01 envelopesender callout=accept So: 1) random callouts will never pass with greylisting peers 2) in the session above the envelopesender has been checked twice, even if the peer accepted the first one. Giuliano -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
