----- Original Message ----- From: "Toralf Lund" <[EMAIL PROTECTED]> To: "Exim Mailing List" <[email protected]> Sent: Friday, July 06, 2007 9:17 AM Subject: [exim] Sender callout verification with warning only
> We recently found that we could no longer use Exim's sender callout > verification on our MX because people here rely on various web services > etc. that send auto-generated messages "from" addresses with incorrect > local parts (and identifying all of them so that exceptions could be > made also seemed difficult.) But, then I thought that I might at least > add a warning if the callout fails, so the check_recipient ACL now has: > > require verify = sender > warn !verify = sender/callout=defer_ok > message = X-Sender-Warning: The email setup at > $sender_address_domain does not accept messages to $sender_address > > Questions: > > 1. Does this look correct to you? (Note that I still want to reject > messages if the domain part is incorrect, hence the first test.) > 2. What header would you use for this warning? Do you realise that callouts are considered abusive in anti-spam circles and are often used in certain forms of ddos attacks ? Some major mail servers even BLOCK based on the number of callouts they receive from a given IP. Something like 80% of emails are spam, so 80% of your callouts are being directed at totally innocent machines. Challenge response methods should be considered in the same way. All the best Phil _____________________________________________ Website Hosting from only £5.00 per month. www.medwayhosting.com - +44 (0)1634 856965 _____________________________________________ Digital & Traditional Printing, and much more www.medwayprint.com - +44 (0)1634 281199 _____________________________________________ -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
