[RFCI-Discuss] DSN qantas.com.au

Andrew Buckeridge andrewb at zagam.net
Sat Feb 27 03:16:00 UTC 2010 

See
http://www.rfc-ignorant.org/tools/detail.php?domain=qantas.com.au&submitted=1267153108&table=dsn

They accept "MAIL FROM:<>" with "250 sender <> ok", but defer refusal to
"RCPT TO:<KNOWN_USER at qantas.com.au>" with
"550 #5.1.0 Rejected by bounce verification."

Such deferral may circumvent the DSN list and make it less useful.

I want to add such domains to the DSN list, but can't.

The list would be handy as sort of white list in exim4.
I.e. verify calls failed so tag only and accept anyway.

Exim4 ACLs could look something like this:

> TERNARYBUGFIX = acl_m3

DO_WARN macro sets some variables for grey listing defered until
RCPT TO:<> so that we know who the email was for and manipulates the
teergrube delay challenge. If they spoof their session we to be sure
that it is a real MTA talking to us and not the excess capacity of the
Microsoft bot net. Macros are in ALL_CAPS C style.

Somewhere in the acl_smtp_mail ACL:

> # 1. Is envelope sender genuine?
> 
>      warn set TERNARYBUGFIX = \
> MAIL Envelope sender <$sender_address> does not accept SMTP
> 
>      warn verify = sender/callout=300s
>           set TERNARYBUGFIX =
> 
> # For Qantas.com.au
>      warn condition = ${if eq{$TERNARYBUGFIX}{}{no}{yes}}
>           dnslists = dsn.rfc-ignorant.org/$sender_address_domain
>           set TERNARYBUGFIX =
> 
>      warn condition = ${if eq{$TERNARYBUGFIX}{}{no}{yes}}
>           DO_WARN\
> $TERNARYBUGFIX $acl_verify_message
>           set ACL_DELAY = ${if <{$ACL_DELAY}{LUSER}{LUSER}{$ACL_DELAY}}
> 
> # 2. Is envelope sender domain genuine? postmaster@
> 
>      warn set TERNARYBUGFIX = \
> MAIL mailto:submit-postmaster at rfc-ignorant.org?subject=$sender_address_domain
> 
>      warn verify = sender=postmaster@$sender_address_domain/callout=300s
>           set TERNARYBUGFIX =
> 
> # For Qantas.com.au
>      warn condition = ${if eq{$TERNARYBUGFIX}{}{no}{yes}}
>           dnslists = dsn.rfc-ignorant.org/$sender_address_domain
>           set TERNARYBUGFIX =
> 
>      warn condition = ${if eq{$TERNARYBUGFIX}{}{no}{yes}}
>           DO_WARN\
> $TERNARYBUGFIX $acl_verify_message
>           set ACL_DELAY = ${if <{$ACL_DELAY}{LUSER}{LUSER}{$ACL_DELAY}}
> 
> # 3. Is envelope sender domain genuine? abuse@
> 
>      warn set TERNARYBUGFIX = \
> MAIL mailto:submit-abuse at rfc-ignorant.org?subject=$sender_address_domain
> 
>      warn verify = sender=abuse@$sender_address_domain/callout=300s
>           set TERNARYBUGFIX =
> 
> # For Qantas.com.au
>      warn condition = ${if eq{$TERNARYBUGFIX}{}{no}{yes}}
>           dnslists = dsn.rfc-ignorant.org/$sender_address_domain
>           set TERNARYBUGFIX =
> 
>      warn condition = ${if eq{$TERNARYBUGFIX}{}{no}{yes}}
>           DO_WARN\
> $TERNARYBUGFIX $acl_verify_message
>           set ACL_DELAY = ${if <{$ACL_DELAY}{LUSER}{LUSER}{$ACL_DELAY}}

More information about the RFCI-Discuss mailing list