I'm assuming this mis-configured mailer at buffy.ms.cx is running Exim (since it gives the same response to HELP as known Exim servers) and that it's using the built-in sender address verification hack.
I really wish this check would properly discern the difference between a recognizable error with the "RCPT TO:" command it tries (which would indeed be most likely to indicate a problem with the address it is testing) vs. any other error (which more likely means the mailer doing the testing is mis-configured). Complaining about "MAIL FROM:" when the rejected command was "HELO" makes the address verifier look really quite stupid. It's being explicitly told that it's mis-configured and then it blathers on about something totally unrelated. Errors with HELO should generate a big fat warning to the local administrator and then a temporary reject to the sender who's address is being verified. Only certain errors with "MAIL FROM:" can validly be used as justification for sending the complaint about rejecting bounces, e.g. 55x, but anything else, especially 503, would still only indicate serious configuration problems with the site trying to do the verify. ------- start of forwarded message (RFC 934 encapsulation) ------- Message-Id: <[EMAIL PROTECTED]> Date: Fri, 3 Jun 2005 18:04:21 -0400 (EDT) From: Delivery error returned from MAILER-DAEMON: (<>); To: [EMAIL PROTECTED] Subject: mail failed, returning to sender Summary: message returned due to delivery errors. Reference: <[EMAIL PROTECTED]> [[ .... ]] |------------------------- Failed addresses follow: ---------------------| address '[EMAIL PROTECTED]' failed: inet_zone_bind_smtp transport reports unknown user: 550-Callback setup failed while verifying <[EMAIL PROTECTED]> 550-Called: 204.92.254.2 550-Sent: HELO buffy.flyingmonkey.fm 550-Response: 501-fatal error while validating 'HELO' host name 'buffy.flyingmonkey.fm'. 550-501-connection rejected from buffy.ms.cx remote address [207.58.151.96]. 550-501-Reason given was: 550-501- 550-501- None of the existing reverse DNS PTRs for the address 550-501- [207.58.151.96] has a hostname matching 'buffy.flyingmonkey.fm'. 550-501- Either your mailer's reverse DNS is misconfigured, or a DNS spoofing 550-501 attempt has been blocked 550-The initial connection, or a HELO or MAIL FROM:<> command was 550-rejected. Refusing MAIL FROM:<> does not help fight spam, disregards 550-RFC requirements, and stops you from receiving standard bounce 550-messages. This host does not accept mail from domains whose servers 550-refuse bounces. 550 <[EMAIL PROTECTED]> does not appear to be a valid sender address. ------- end ------- And as for this specific error in this case, why is it that some folks continue to have such difficulty using simple tools to do simple consistency checks on their own DNS!?!?!?!? $ host -v -A buffy.flyingmonkey.fm Query about buffy.flyingmonkey.fm for record types A Found 1 address for host buffy.flyingmonkey.fm Hostname buffy.flyingmonkey.fm maps to address 207.58.151.96 Checking buffy.flyingmonkey.fm address 207.58.151.96 *** buffy.flyingmonkey.fm address 207.58.151.96 maps to hostname buffy.ms.cx *** Hostname buffy.flyingmonkey.fm does not belong to address 207.58.151.96 *** Not all addresses for hostname buffy.flyingmonkey.fm have a matching hostname. At least the name in the PTR is valid..... $ host -v -A 207.58.151.96 Query about 207.58.151.96 for record types PTR Address 207.58.151.96 maps to hostname buffy.ms.cx Found 1 hostname for 207.58.151.96 Checking buffy.ms.cx address 207.58.151.96 -- Greg A. Woods H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <[EMAIL PROTECTED]> Planix, Inc. <[EMAIL PROTECTED]> Secrets of the Weird <[EMAIL PROTECTED]> -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/