I'm assuming this mis-configured mailer at buffy.ms.cx is running Exim
(since it gives the same response to HELP as known Exim servers) and
that it's using the built-in sender address verification hack.
I really wish this check would properly discern the difference between a
recognizable error with the "RCPT TO:" command it tries (which would
indeed be most likely to indicate a problem with the address it is
testing) vs. any other error (which more likely means the mailer doing
the testing is mis-configured).
Complaining about "MAIL FROM:" when the rejected command was "HELO"
makes the address verifier look really quite stupid. It's being
explicitly told that it's mis-configured and then it blathers on about
something totally unrelated.
Errors with HELO should generate a big fat warning to the local
administrator and then a temporary reject to the sender who's address is
being verified.
Only certain errors with "MAIL FROM:" can validly be used as
justification for sending the complaint about rejecting bounces,
e.g. 55x, but anything else, especially 503, would still only indicate
serious configuration problems with the site trying to do the verify.
------- start of forwarded message (RFC 934 encapsulation) -------
Message-Id: <[EMAIL PROTECTED]>
Date: Fri, 3 Jun 2005 18:04:21 -0400 (EDT)
From: Delivery error returned from MAILER-DAEMON: (<>);
To: [EMAIL PROTECTED]
Subject: mail failed, returning to sender
Summary: message returned due to delivery errors.
Reference: <[EMAIL PROTECTED]>
[[ .... ]]
|------------------------- Failed addresses follow: ---------------------|
address '[EMAIL PROTECTED]' failed:
inet_zone_bind_smtp transport reports unknown user:
550-Callback setup failed while verifying <[EMAIL PROTECTED]>
550-Called: 204.92.254.2
550-Sent: HELO buffy.flyingmonkey.fm
550-Response: 501-fatal error while validating 'HELO' host name
'buffy.flyingmonkey.fm'.
550-501-connection rejected from buffy.ms.cx remote address [207.58.151.96].
550-501-Reason given was:
550-501-
550-501- None of the existing reverse DNS PTRs for the address
550-501- [207.58.151.96] has a hostname matching 'buffy.flyingmonkey.fm'.
550-501- Either your mailer's reverse DNS is misconfigured, or a DNS
spoofing
550-501 attempt has been blocked
550-The initial connection, or a HELO or MAIL FROM:<> command was
550-rejected. Refusing MAIL FROM:<> does not help fight spam, disregards
550-RFC requirements, and stops you from receiving standard bounce
550-messages. This host does not accept mail from domains whose servers
550-refuse bounces.
550 <[EMAIL PROTECTED]> does not appear to be a valid sender address.
------- end -------
And as for this specific error in this case, why is it that some folks
continue to have such difficulty using simple tools to do simple
consistency checks on their own DNS!?!?!?!?
$ host -v -A buffy.flyingmonkey.fm
Query about buffy.flyingmonkey.fm for record types A
Found 1 address for host buffy.flyingmonkey.fm
Hostname buffy.flyingmonkey.fm maps to address 207.58.151.96
Checking buffy.flyingmonkey.fm address 207.58.151.96
*** buffy.flyingmonkey.fm address 207.58.151.96 maps to hostname
buffy.ms.cx
*** Hostname buffy.flyingmonkey.fm does not belong to address
207.58.151.96
*** Not all addresses for hostname buffy.flyingmonkey.fm have a
matching hostname.
At least the name in the PTR is valid.....
$ host -v -A 207.58.151.96
Query about 207.58.151.96 for record types PTR
Address 207.58.151.96 maps to hostname buffy.ms.cx
Found 1 hostname for 207.58.151.96
Checking buffy.ms.cx address 207.58.151.96
--
Greg A. Woods
H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <[EMAIL PROTECTED]>
Planix, Inc. <[EMAIL PROTECTED]> Secrets of the Weird <[EMAIL
PROTECTED]>
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
