Querying other SMTP server for valid addresses?

Steve Swaney Steve.Swaney at FSL.COM
Sat Nov 20 00:21:16 GMT 2004

> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> Behalf Of Mike Bacher
> Sent: Friday, November 19, 2004 7:08 PM
> Subject: Re: Querying other SMTP server for valid addresses?
> Steve Swaney wrote:
> >
> > Yes, there is a way. If you use sendmail, you might want to look at
> > milter-ahead.
> >
> >         http://www.milter.info/milter-ahead/
> >
> > I quote from the web site:
> >
> > "This Sendmail milter (mail filter) allows a gateway mail server to
> > call-ahead to a relay or internal mail store before accepting mail for
> > recipients of a message. Think of it as a lazy man's LDAP. It could also
> be
> > used by fallback MX servers to verify recipients with the primary MX."
> Looks like exim has this sort of facility built-in.  Per the manual:
> 38.21. Callout verification
> For non-local addresses, routing verifies the domain, but is unable to do
> any checking of
> the local part. There are situations where some means of verifying the
> local part is
> desirable. One way this can be done is to make an SMTP callback to the
> sending host (for a
> sender address) or a callforward to a subsequent host (for a recipient
> address), to see if
> the host accepts the address. We use the term callout to cover both cases.
> This facility
> should be used with care, because it can add a lot of resource usage to
> the cost of
> verifying an address. However, Exim does cache the results of callouts,
> which helps to
> reduce the cost. Details of caching are in the next section.
> Recipient callouts are usually used only between hosts that are controlled
> by the same
> administration. For example, a corporate gateway host could use callouts
> to check for
> valid recipients on an internal mailserver. A successful callout does not
> guarantee that a
> real delivery to the address would succeed; on the other hand, a failing
> callout does
> guarantee that a delivery would fail.
> If the callout option is present on a condition that verifies an address,
> a second stage
> of verification occurs if the address is successfully routed to one or
> more remote hosts.
> The usual case is routing by a dnslookup or a manualroute router, where
> the router
> specifies the hosts. However, if a router that does not set up hosts
> routes to an smtp
> transport with a hosts setting, the transport's hosts are used. If an smtp
> transport has
> hosts_override set, its hosts are always used, whether or not the router
> supplies a host
> list.
> The port that is used is taken from the transport, if it is specified and
> is a remote
> transport. (For routers that do verification only, no transport need be
> specified.)
> Otherwise, the default SMTP port is used. If a remote transport specifies
> an outgoing
> interface, this is used; otherwise the interface is not specified.
> For a sender callout check, Exim makes SMTP connections to the remote
> hosts, to test
> whether a bounce message could be delivered to the sender address. The
> following SMTP
> commands are sent:
>    HELO <primary host name>
>    MAIL FROM:<>
>    RCPT TO:<the address to be tested>
>    QUIT
> LHLO is used instead of HELO if the transport's protocol option is set to
> "lmtp".
> A recipient callout check is similar. By default, it also uses an empty
> address for the
> sender. This default is chosen because most hosts do not make use of the
> sender address
> when verifying a recipient. Using the same address means that a single
> cache entry can be
> used for each recipient. Some sites, however, do make use of the sender
> address when
> verifying. These are catered for by the use_sender and use_postmaster
> options, described
> in the next section.
> If the response to the RCPT command is a 2xx code, the verification
> succeeds. If it is
> 5xx, the verification fails. For any other condition, Exim tries the next
> host, if any. If
> there is a problem with all the remote hosts, the ACL yields "defer",
> unless the defer_ok
> parameter of the callout option is given, in which case the condition is
> forced to succeed.
> --
> -----------------------------------------
> Mike Bacher / isp-list at tulsaconnect.com
> TCIS - TulsaConnect Internet Services
> Phone: 918-584-1100x110 Fax: 918-582-5776
> -----------------------------------------


Thanks very much for the information. My quick and thoughtless comments:

1. Its Excellent and good to know that Exim has this facility built-in
2. From my limited knowledge of milter-ahead, it looks to
   be a bit more sophisticated than the functionality provided
   by Exim. (I could easily be wrong)
3. Both will have problems with Exchange and Notes servers

Now can Postfix do this trick?


Steve Swaney
Fortress Systems Ltd.
steve.swaney at fsl.com

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Fortress Systems Ltd.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list