Re: [exim] [mailop] T-Online is now really blocking messages from non-commercial and simliar senders

2022-10-21 Thread Markus Reschke via Exim-users 

On Thu, 20 Oct 2022, Lena--- via Exim-users wrote:

Hi!


Kai Siering wrote on [mailop]:


how about starting internal discussions within that community
to include a default rejection of any mail from @t-online.de
in Exim's default configuration?



As nearly no-one who is deploying Exim
(or Postfix, Sendmail for that matter)
will be able to *send* to @t-online.de due to their policy,
it is only logical to not *accept* any mail from them, too.


I propose to include in default Exim config (in rcpt ACL)
a code which checks whether the server is blocked by t-online.de:


Anyone running MTAs for a while should have come across multiple 
organisations with restrictive MTA policies. It would be unreasonable to 
add special ACLs for each of them by default, just for a personal 
vendetta. For example, I had to unblock my MTAs at Deutsche Telekom, 
web.de and Microsoft. Annoying, but it works.


ciao
 Markus
--
/ Markus Reschke  \
\ madi...@theca-tabellaria.de /


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [mailop] T-Online is now really blocking messages from non-commercial and simliar senders

2022-10-20 Thread Graeme Fowler via Exim-users 
On 20 October 2022 20:54:23 Jeremy Harris via Exim-users 
 wrote:

I don't think it should be the Exim project doing that,


Agreed. If it was commercial software doing that then there would be legal 
challenges galore.


Wearing my mailop moderator hat I think two things need to happen - first 
that the thread is pulled back into the realms of realism, and second look 
at my archives to see if I can find why Jeremy isn't on the list any more.


Graeme
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [mailop] T-Online is now really blocking messages from non-commercial and simliar senders

2022-10-20 Thread Lena--- via Exim-users 
> T-Online clearly states in their terms and conditions that they will
> block servers who perform sender verfication towards them.

Then a different check:

 deny condition = ${if or{\
{eqi{$sender_address_domain}{t-online.de}}\
.ifdef _HAVE_LOOKUP_DNSDB
{forany{${lookup dnsdb{>: defer_never,mxh=$sender_address_domain}}}\
   {match{$item}{\N^mx\d+\.t-online\.de$\N}}}\
.endif
   }}
  condition = ${if match{${readsocket{inet:\
.ifdef _HAVE_LOOKUP_DNSDB
${reduce{${lookup dnsdb{>: defer_never,mxh=$sender_address_domain}}}\
{}{$item}}\
.else
mx00.t-online.de\
.endif
:25}{}{2s}}}{^554 IP=}}
  message = We checked that $sender_address_domain blocks us. \
So we do not accept a message we cannot reply to.
# The server admin may change "deny" to "warn" and
# "message =" to "control = fakereject/"
# but few admins will want that (or notice and bother).


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [mailop] T-Online is now really blocking messages from non-commercial and simliar senders

2022-10-20 Thread Jeremy Harris via Exim-users 

On 20/10/2022 20:01, Lena--- via Exim-users wrote:

I propose to include in default Exim config (in rcpt ACL)
a code which checks whether the server is blocked by t-online.de


I don't think it should be the Exim project doing that,
in the default configuration of the Exim release,
if that's what you mean.

(Oddly enough, I was subscribed to mailop - but the last
message from there was in 2020.  Perhaps they fell foul
of my defences)
--
Cheers,
  Jeremy


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [mailop] T-Online is now really blocking messages from non-commercial and simliar senders

2022-10-20 Thread Lena--- via Exim-users 
Kai Siering wrote on [mailop]:

> how about starting internal discussions within that community
> to include a default rejection of any mail from @t-online.de
> in Exim's default configuration?

> As nearly no-one who is deploying Exim
> (or Postfix, Sendmail for that matter)
> will be able to *send* to @t-online.de due to their policy,
> it is only logical to not *accept* any mail from them, too.

I propose to include in default Exim config (in rcpt ACL)
a code which checks whether the server is blocked by t-online.de:

 warn set acl_m_ton = notton
  condition = ${if or{\
{eqi{$sender_address_domain}{t-online.de}}\
.ifdef _HAVE_LOOKUP_DNSDB
{forany{${lookup dnsdb{>: defer_never,mxh=$sender_address_domain}}}\
   {match{$item}{\N^mx\d+\.t-online\.de$\N}}}\
.endif
   }}
  set acl_m_ton = checkdefer
  !verify = sender/callout=10s
  set acl_m_ton = $acl_verify_message

 deny condition = ${if !eq{$acl_m_ton}{notton}}
  condition = ${if !eq{$acl_m_ton}{checkdefer}}
  message = sender verify failed: $acl_m_ton

 deny condition = ${if eq{$acl_m_ton}{checkdefer}}
  message = We checked that $sender_address_domain blocks us. \
So we do not accept a message we cannot reply to.
# The server admin may change "deny" to "warn" and
# "message =" to "control = fakereject/"
# but few admins will want that (or notice and bother).


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/