The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Sender Callouts

Discussion in 'General Discussion' started by sparek-3, Jun 23, 2007.

  1. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I'm curious as to how many other hosting companies are doing a sender callout for all incoming mail into their servers? Callouts would verify the validity of the envelop-sender of an incoming message.

    We are starting to get a few complaints regarding the callout system. Personally, I think it is a good system that blocks a lot of spam, but obviously if the majority of users are complaining, then the system is not very effective. I'm not really anywhere near having the majority of users complain, but I have gotten enough complaints to raise some questions.

    So I'm just curious how many other hosting companies utilize sender callouts? If you do use sender callouts, how do you explain to users that complain about the system interfering with mail coming from mail servers that either do not adhere to standards or are sending out e-mail messages from invalid e-mail addresses?
     
  2. pross

    pross Well-Known Member

    Joined:
    Mar 14, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    6
    If i turn that feature ON, yes i get practically no spam at all, but i also get 99% of all email dropped, probably because nearly all email servers are non compliant and setup wrong.
     
  3. SageBrian

    SageBrian Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    415
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    NY/CT (US)
    cPanel Access Level:
    Root Administrator
    99% ???
    Wow.
    I don't have that problem at all. I'm not getting as many complaints in recent months as I did last year.
    And when there is a problem, I simply note that we follow standards, and the others don't.

    There still seems to be some problems with auto-replies from some servers, like when you join a forum or newsletter. If they are sending from an invalid address, like 'bounce@domain', then those aren't coming thru. And when you tell those webmasters about 'standards', they hopefully get on their server admins.

    Turn it on and see how it works for you. The concept is simple: would you accept a package in the mail with no return address? Or the return address was 123 Main St, Anywhere? (obviously fake) No.
    Would you let strangers in your house with obvious fake IDs, like they printed them on a cheap printers?
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I don't think I lose 99% of the e-mail. I also don't have a lot of complaints, but I've started getting enough that I am getting a little concerned.

    SageBrian, how do you keep your clients satisfied when they learn that they are losing messages from those non-compliant servers? That is the issue that I have run into. Our clients don't care if the other servers are at fault or non-compliant. They simply come back with "the message gets to my Yahoo account, why doesn't it reach my domain's mailbox?" I tell them that the issue is with the sending server or with the way the sender is sending the message, but they just don't want to hear it. The callout system seems to be a very, very tight rope between keeping customers happy and satisfied, while also implementing the callout system to reduce the amount of spam on the server.

    Recently we ran into an issue where nytimes.com was sending out a newsletter from an address that does not exist. In my opinion, this is wrong, but how do you tell that to nytimes? NYTimes is not going to listen to me and it just seems like there aren't enough people using sender callouts or those that are doing sender callouts are allowing for whitelisting. I do have a whitelisting system in place, but to whitelist a sender's domain is just wrong. But at the same time, I feel that I have had to adopt the whitelisting system because nobody wants to listen to me when I say that the sending server is in the wrong. All of this goes back to technically, there is nothing wrong with sending out an e-mail message using an envelope sender that does not exist (at least I'm not aware of a standard that says this must be true). Perhaps this is what ultimately needs to be done. Perhaps an RFC needs to be drafted that states that to send out an e-mail message the address used for the envelope sender must also accept mail. This would give something to point to when regarding nytimes.com and other domains that are sending out newsletters and other messages from non-existant addresses.

    In regards to the bounce@domain.com addresses that are failing, we use noreply addresses with our hosting company. However we just set up noreply@domain.com to forward to :blackhole: which causes our mail servers to accept the messages but any message to that address is immediately deleted. Granted the :fail: and :blackhole: objects are really a function of the Exim MTA, I suspect that there are other methods of doing this for other MTAs. But I don't know how you get that across to other larger corporations like NYTimes.

    Am I wrong in regards to any of this? I'm asking, because maybe I'm missing something some where. I don't think a lot of hosting companies are using sender callouts, and therefore they are not getting hit a lot by this. But I think using sender callouts is one of the better ways to prevent spam from ever coming into your mail server. Just like SageBrian stated, you wouldn't accept a package from someone you knew did not exist.
     
  5. daves

    daves Registered

    Joined:
    Mar 21, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    beating the sender verify blues

    try setting up a whitelist for the blocked email addresses. That's what I've done and it tends to keep the most vocal clients happy. Of course if they don't know they are missing mail, it doesn't help, but once they discover who can't send to them, it really helps.
     
  6. SageBrian

    SageBrian Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    415
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    NY/CT (US)
    cPanel Access Level:
    Root Administrator
    I had the exact thing happen a couple weeks ago with nytimes.
    I do the same thing you do, tell them NYtimes is sending from an invalid address, and all nytimes needs to do is accept mail from the address they are sending to.
    Of course, the reply is "how am I going to get NY Times to do that?"

    I tell them I'll let NYTimes know of the issue, and I then whitelist the sending server's IP for a time.
    That's usually good enough.

    If they are very vocal about it, and don't think any of their mail should be 'blocked', I simply say OK, and I remove their spam scanning. I then temporarily disable Sender Callout.

    The client gets a flood of junkmail, and then they make a decision of whether they want the junk, or the occasional blocked mail from NYtimes.

    The best we can do is simply follow the standards, and educate the client about them.
     
Loading...
Similar Threads - Sender Callouts
  1. hamed5034
    Replies:
    1
    Views:
    362

Share This Page