The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Sender Verification

Discussion in 'E-mail Discussions' started by chuza, May 20, 2010.

  1. chuza

    chuza Well-Known Member

    Joined:
    Jul 4, 2008
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    Does 'sender verify' in exim configuration enable verification of existence of the emails being received by my server or sent by my server.
    I do an 'exim -bp' and find messages like this

    Code:
    72h  8.0K 1OE4Y4-0005oA-Hj <>
              abc@anonymous.com
    
    Can someone tell me if enabling sender verification will stop sending of these messages from my server to xyz remote addresses.
     
    #1 chuza, May 20, 2010
    Last edited: May 20, 2010
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    I cannot accurately determine what precisely will help without seeing the full, verbose message headers, and being able to compare the e-mail header information with that from the Exim log data, Exim MTA configuration, and the configuration of e-mail features within the applicable cPanel account(s).

    The null sender leads me to believe it may be a bounce message, but one that I would venture to guess may have failed.

    1.) Are the username and domain name provided munged or are they provided as-is from the Exim CLI output?

    2.) Have you examined the full message headers to determine where the original e-mail was destined, i.e., what recipient address on your server was targeted?

    3.) Does the recipient address exist as an e-mail account, e-mail forwarder, or was it received due to a default address being used as a catch-all?

    4.) Do you have the following option enabled or disabled?
    WHM: Main >> Service Configuration >> Exim Configuration Editor >> Standard Options >> Filters
    • SpamAssassin™: Bounce mail when the spam score is above this number.
      Reject mail with a bounce message (not at SMTP time) when the spam score is greater than [this number].

    Instead of having your server reject by sending a bounce message, I recommend using available options that have Exim reject messages at SMTP time; as with other Exim configuration options they can be accessed via WHM at the following menu path: WHM: Main >> Service Configuration >> Exim Configuration Editor

    As compared below, I recommend using "Sender Verification" but I do not recommend using "Sender Verification Callouts":
    WHM: Main >> Service Configuration >> Exim Configuration Editor >> Standard Options >> Mail
    • Sender Verification - Verify that the domain mail reports as it origin actually exists.
    • Sender Verification Callouts - Use callouts to verify the existence of email senders. Exim will connect to the mail exchanger for a given address to verify it exists before accepting mail from it.
     
  3. chuza

    chuza Well-Known Member

    Joined:
    Jul 4, 2008
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    No, its not a bounce message as some messages with blank sender have hundreds of recipients from yahoo, aol addresses and some messages have been reported back as spam abuse reports.

    I changed the actual address, but the format was same. I checked logs and they show nothing. same blank address as sender and no 'cwd' which normally shows the path of the script sending the email.

    Did an 'exim -Mvb msgID' and it was a spam email.

    Yes, hundreds of them seem to be valid addresses. I only pasted one abc@anonymous.com but there are hundreds of recipient addresses for individual message IDs when I do an 'exim -bp'.

    I see no such option in exim configuration >> standard options >> filters. I have enabled sender verification enabled for the past few days but still see such messages. in the queue. Some of them get frozen and eventually end up clearing them up but spam abuse reports received do suggest that spam was sent. I will check into the documentation you quoted Don. Thanks for that.
     
Loading...

Share This Page