Thomas Hochstein wrote: > W B Hacker schrieb: > >> first off, using a machine-generated bogus destination address such as; >> >> <[email protected]> >> >> .. is probably going to get you a rejection in ALL cases where the target >> does >> *recipient* verification. > > Yes, that's the point. > > See <http://www.exim.org/exim-html-4.40/doc/html/spec_38.html>: > | random: Before doing the normal callout check, Exim does a check for > | a “random” local part at the same domain. The local part is not > | really random – [...] > | > | The idea here is to try to determine whether the remote host accepts > | all local parts without checking. If it does, there is no point in > | doing callouts for specific local parts. If the “random” check > | succeeds, the result is saved in a cache record, and used to force > | the current and subsequent callout checks to succeed without a > | connection being made, until the cache record expires. > > I'll have to (re-)evaluate that sometimes; a list of hosts that > blindly accept all recipients would be better, of course. > > Regards, > -thh >
Well - yah... basically a test for far-end being an open-relay every time you send? JM2CW, but any of the many open-relay RBL's or online tests cover that - and AFAIK, faster and 'cheaper' than a callout. It isn't that a callout is always evil, always unwelcome, etc. It's that a callout has too low of a probability of gaining a response that is both predictable and useful for the general case. W/r vetting submission TO you, an rDNS test is a great deal more consistent and reliable - even if / especially if not used as an immediate hard-fail. While you will almost certainly need a whitelist, covering the few correspondent who don't have their most basic DNS in order takes a much smaller list of exemptions than a list of those who do not support callouts. YMMV, Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
