disable Sender Verify Callouts for Authenticated SMTP users?


Well-Known Member
Aug 21, 2003
La Crosse, WI
cPanel Access Level
Root Administrator
is there a way to bypass sender verify callouts for authenticated SMTP users?

The example is here:

I have a user on my server with the e-mail address of
[email protected] that uses my server for outbound SMTP.

This user wants to have her FROM address in Outlook listed as something
different, [email protected].

For some reason, the nothostedhere.com server is not working when we try to do
sender verify callouts.

This particular user has a dynamic IP address and so I cannot whitelist her IP to stop the
sender verify callouts.

So, to clarify, the user tries to send an e-mail to her account on my server, via SMTP-Authentication to my server, but is blocked due to sender verify callouts:

SMTP: mail.domainhostedhere.com - SMTP Auth enabled
POP3: mail.domainhostedhere.com
POP3 Username: [email protected]

TO: [email protected]
FROM: [email protected]

When she sends this message with SMTP-Auth via my server, the logs show:

2008-02-16 17:02:00 H=c-12-34-56-78.hsd1.ma.comcast.net (herpc) []
sender verify defer for <[email protected]>: response to
"RCPT TO:<[email protected]>" from
mail.nothostedhere.com [] was: 450 4.7.1
<[email protected]>: Recipient address rejected: Bad data on input

2008-02-16 17:02:00 H=c-12-34-56-78.hsd1.ma.comcast.net (herpc) []
F=<[email protected]> temporarily rejected RCPT
<[email protected]>: Could not complete sender verify

The IP has already been added to the Sender Callout whitelist,
but since it isn't the IP connecting to us, it isn't helping. The IP
connecting to us is the end-user's dynamic ISP IP, currently, who uses us for SMTP mail.

Again, this is an authenticated user trying to send a message. How can I stop
the server from enforcing Sender Verify Callouts for authenticated SMTP users?
Or for certain domains? Or other ideas?


- Scott

cPanel Ticket #237522


Apr 25, 2005
I would add that we have a situation where a user has a POS program with a hardcoded from that sends them a report every night. The program is authenticating when connecting but the mail get rejected because of the call out, if the user authenticates the sender verify check should be bypassed, i only want to reject mail with incorrect from addresses if it's from an unknown third party. I can hardcode a bypass for an ip but not if the user is authenticated.