jseymour Posted October 8, 2007 Posted October 8, 2007 My hosting company (Site5) does not appreciate the importance of rejecting bad email addresses at the SMTP level. Instead, they accept all messages and then generate a new bounce if the recipient is unknown. I'm sure we all know the problem with this method. Site5 is running cPanel and uses the Exim mail server. Does anyone know if this combination can be made secure with regards to invalid recipients? If it can, I'm going to try to get them to set it up properly. If it can't, I'll be looking for a new hosting company... (Their response to my problem ticket was not promising: "It is fairly common behavior for a server to accept a message and then bounce it after the fact as long as the domain is configured on the server.") -Jim Seymour
turetzsr Posted October 8, 2007 Posted October 8, 2007 Hi, Jim, ...By going to the top of the screen and entering "cPanel exim" in the box next to the "Search for -->" button and then pressing that button, the following link was returned, right at the top: Bouncing Yahoo Groups and my Web Host. See if that helps. If not, you might try the same search yourself and see if any of the other hits is of value. ...Good luck!
jseymour Posted October 8, 2007 Author Posted October 8, 2007 ...By going to the top of the screen and entering "cPanel exim" in the box next to the "Search for -->" button and then pressing that button, the following link was returned, right at the top: Bouncing Yahoo Groups and my Web Host. See if that helps. If not, you might try the same search yourself and see if any of the other hits is of value. Thanks. I did a search before posting and didn't see anything that looked useful. There's a lot of information available about how to set up an RBL (including the thread you pointed me to). However, I've not seen anything about rejecting based on recipient information. Part of my problem is that I'm a little out of my league. I'm familiar with mail servers in general (having run a couple of Postfix servers for several years), but I have no clue about cPanel and Exim. Based on the Exim documentation I've seen, it appears to be possible - but I don't know if cPanel provides access to the appropriate option(s).
agsteele Posted October 9, 2007 Posted October 9, 2007 Site5 is running cPanel and uses the Exim mail server. Does anyone know if this combination can be made secure with regards to invalid recipients? Hi Jim, It has nothing to do with cPanel as such. All cPanel does is allow you to configure certain options on the server. Exim does allow you to reject at the SMTP level but it does not appear to be quite so straight forward as with other MTAs. If you're restricted to cPanel access only then it will depend upon what your hosting provider has decided to allow you to do as to whether you can reject at SMTP. My previous host used Exim and all our undeliverable mail was rejected and, as I recall, it was accomplished through an ACL. So I'd press your host to fix this issue for you. Andrew
DavidT Posted October 9, 2007 Posted October 9, 2007 Site5 is running cPanel and uses the Exim mail server. Does anyone know if this combination can be made secure with regards to invalid recipients?Yes, it can. I'm involved with a site using that combination on a shared server and I just tested its response to bad addresses. They were rejected during the initial SMTP handshaking, producing a "550" error (abeit, not as verbose as it should have been), which is a fatal error at which point the sending system aborts the attempted delivery. DT
royce Posted December 16, 2007 Posted December 16, 2007 Site5 is running cPanel and uses the Exim mail server. Does anyone know if this combination can be made secure with regards to invalid recipients? This can be done within the cPanel interface. Under Mail Manager -> Default Address Maintenance, add this to your domain: :fail: no such address here This will result in rejects like the following: 2007-12-16 10:32:00 H=spammer.example.net (706167c405e3d8) [192.168.42.101] F=<spambot[at]example.com> rejected RCPT <me[at]mydomain.example.org>: no such address here Royce
jseymour Posted December 17, 2007 Author Posted December 17, 2007 This can be done within the cPanel interface. Under Mail Manager -> Default Address Maintenance, add this to your domain: :fail: no such address here This will result in rejects like the following: 2007-12-16 10:32:00 H=spammer.example.net (706167c405e3d8) [192.168.42.101] F=<spambot[at]example.com> rejected RCPT <me[at]mydomain.example.org>: no such address here Thanks. Unfortunately, I don't have access to cPanel. I believe my hosting company (Site5) uses cPanel, but the interface they provide to us is something they developed on their own. The closest analogy I see is in my "Email Forwarders" settings - where I have my wildcard address set to ":fail: No Such User Here". However, the mail server still accepts all incoming messages and then generates a bounce after-the-fact. Your reject entry above doesn't speak to me, either. I don't see a three-digit response code - which begs the question: Is this a SMTP reject or a "bounce" message? Finally, I sent a suggestion to Site5 that they should fix this deficiency, but they have (so far) ignored me. When my renewal comes up, I am considering switching to a more email-friendly host (if I can find one).
DavidT Posted December 20, 2007 Posted December 20, 2007 Your reject entry above doesn't speak to me, either. I don't see a three-digit response code - which begs the question: Is this a SMTP reject or a "bounce" message? That example wasn't good...it should have looked something like this: The following message to <xyz123[at]domain.com> was undeliverable. The reason for the problem: 5.1.0 - Unknown address error 550-'No Such User Here' That's what I just received back when sending to a bogus address at one of my domains (not actually "domain.com"), now hosted on a VPS with cPanel and exim, using ":fail:" for my default, and using ACL. Finally, I sent a suggestion to Site5 that they should fix this deficiency, but they have (so far) ignored me. When my renewal comes up, I am considering switching to a more email-friendly host (if I can find one). Don't just consider it...(quoting Monty Python and the Holy Grail) RUN AWAY! Most legitimate hosts are rejecting during the SMTP handshaking. Ask it as a pre-sales question, and be sure to get a "money-back guarantee" in case anyone misleads you with the answer. DT
Recommended Posts
Archived
This topic is now archived and is closed to further replies.