On Wed, 22 Apr 2009 09:01:38 +0200, Heiko Schlittermann <[email protected]> wrote: > Mike Cardwell <[email protected]> (Mi 22 Apr 2009 00:18:54 > CEST): >> Heiko Schlittermann wrote: >> > It depends on your ACL configuration. Always you can emply the >> > $sender_host_address variable. Or you can use the 'hosts = ..' ACL >> > item. >> >> Your suggestion doesn't work. The IP of the connecting host is >> irrelevant. It's the IP that a sender callout would connect back to that
>> is relevant. > > True. You're right. (You told me what I'm telling other people, normally > ...) Sorry for the noice. I should think twice before sending :-/ On that note, perhaps whitelisting based on domain is more sensible that whitelisting based on IP addresses or a DNS lookup of the MX records. Surely if one MX of a domain is taking assertive action against callouts, then all of the other MX will too. In regards to doing callouts - I don't use them except on suspect yahoo|hotmail|aol|lycos|msn|gmail emails, such as those that don't come from their own mail servers. For all other cases, either RDNS, HELO, greylist, not-quit, or spamhaus has already taken care of them and those that make it past that get killed off by header checks or SA. The wishy washy answer of a callout - account does not exist on this server vs account may exist on this server - just isn't that useful. Callouts are also a listing criteria for ips.backscatterer.org which is a bit of pain since I use that to get rid of the damn Russian servers that insist on accepting emails pretending to be me even though I have SPF records and then bounce the result back to me when they can't be delivered. -- The Exim Manual http://www.exim.org/docs.html http://docs.exim.org/current/ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
