Sender Verification

[chuza]

Does 'sender verify' in exim configuration enable verification of existence of the emails being received by my server or sent by my server.
I do an 'exim -bp' and find messages like this

Code:

72h  8.0K 1OE4Y4-0005oA-Hj <>
          abc@anonymous.com

Can someone tell me if enabling sender verification will stop sending of these messages from my server to xyz remote addresses.

[cPanelDon]

Does 'sender verify' in exim configuration enable verification of existence of the emails being received by my server or sent by my server.
I do an 'exim -bp' and find messages like this

Code:

72h  8.0K 1OE4Y4-0005oA-Hj <>
          abc@anonymous.com

Can someone tell me if enabling sender verification will stop sending of these messages from my server to xyz remote addresses.

I cannot accurately determine what precisely will help without seeing the full, verbose message headers, and being able to compare the e-mail header information with that from the Exim log data, Exim MTA configuration, and the configuration of e-mail features within the applicable cPanel account(s).

The null sender leads me to believe it may be a bounce message, but one that I would venture to guess may have failed.

1.) Are the username and domain name provided munged or are they provided as-is from the Exim CLI output?

2.) Have you examined the full message headers to determine where the original e-mail was destined, i.e., what recipient address on your server was targeted?

3.) Does the recipient address exist as an e-mail account, e-mail forwarder, or was it received due to a default address being used as a catch-all?

4.) Do you have the following option enabled or disabled?
WHM: Main >> Service Configuration >> Exim Configuration Editor >> Standard Options >> Filters

• SpamAssassin™: Bounce mail when the spam score is above this number.
  Reject mail with a bounce message (not at SMTP time) when the spam score is greater than [this number].

Instead of having your server reject by sending a bounce message, I recommend using available options that have Exim reject messages at SMTP time; as with other Exim configuration options they can be accessed via WHM at the following menu path: WHM: Main >> Service Configuration >> Exim Configuration Editor

As compared below, I recommend using "Sender Verification" but I do not recommend using "Sender Verification Callouts":
WHM: Main >> Service Configuration >> Exim Configuration Editor >> Standard Options >> Mail

• Sender Verification - Verify that the domain mail reports as it origin actually exists.
• Sender Verification Callouts - Use callouts to verify the existence of email senders. Exim will connect to the mail exchanger for a given address to verify it exists before accepting mail from it.

[chuza]

I cannot accurately determine what precisely will help without seeing the full, verbose message headers, and being able to compare the e-mail header information with that from the Exim log data, Exim MTA configuration, and the configuration of e-mail features within the applicable cPanel account(s).
The null sender leads me to believe it may be a bounce message, but one that I would venture to guess may have failed.

No, its not a bounce message as some messages with blank sender have hundreds of recipients from yahoo, aol addresses and some messages have been reported back as spam abuse reports.

1.) Are the username and domain name provided munged or are they provided as-is from the Exim CLI output?

I changed the actual address, but the format was same. I checked logs and they show nothing. same blank address as sender and no 'cwd' which normally shows the path of the script sending the email.

2.) Have you examined the full message headers to determine where the original e-mail was destined, i.e., what recipient address on your server was targeted?

Did an 'exim -Mvb msgID' and it was a spam email.

3.) Does the recipient address exist as an e-mail account, e-mail forwarder, or was it received due to a default address being used as a catch-all?

Yes, hundreds of them seem to be valid addresses. I only pasted one abc@anonymous.com but there are hundreds of recipient addresses for individual message IDs when I do an 'exim -bp'.

4.) Do you have the following option enabled or disabled?[*]SpamAssassin™: Bounce mail when the spam score is above this number.
Reject mail with a bounce message (not at SMTP time) when the spam score is greater than [this number].

I see no such option in exim configuration >> standard options >> filters. I have enabled sender verification enabled for the past few days but still see such messages. in the queue. Some of them get frozen and eventually end up clearing them up but spam abuse reports received do suggest that spam was sent. I will check into the documentation you quoted Don. Thanks for that.