The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Should we all turn off the abusive Sender Callouts?

Discussion in 'General Discussion' started by SuperBaby, Jan 23, 2008.

  1. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,480
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I liked sender callouts, I thought the concept was beneficial. But I suppose I could see where some extra resources could be tied up with this.

    If all mail systems handled mail correctly, then I don't think it would be an issue. If all callbacks were done using the proper null envelope-sender, and if all servers properly accepted the null-sender, then there would be no cause for an infinite loop.

    If someone sends a message to you and your server does a callback, then it would connect back to that server, try to send a message to that sender using the null sender (the empty sender). If that server is going to try and do a callback, I'd like to see who it tries to callback on since the envelope-sender in that request would be empty.

    Unfortunately, not all mail servers properly handle the null-sender. They through up an error as soon as the null sender is given as the envelope-sender or refuse to go any further and check the recipient after seeing this sender.

    The other sad part is that there are several, several companies out there that thing its OK to send out a message from a non-existent e-mail address. If your server is doing sender callouts, then messages from these non-existent senders will fail. Why a company wants to use this type of strategy is beyond me.

    Having sender callouts enabled will result in less spam, because your server won't process mails that come from non-existent senders, which is commonly what spammers use. It also means that for every message that gets sent to your box, your server is then turning around an opening another SMTP connection to that sender's host (Exim does using a caching mechanism that helps). So it probably does mean that you are using more resources. If you have sender callouts enabled, this also means that you are not receive a lot of e-mail from legitimate companies who just aren't that bright when it comes to constructing an e-mail message. I know back when I had sender callouts enabled, there was a large credit card company who sent out notices using an invalid sender address, thus these messages were always rejected. Either the company didn't care if their users got their message, or they didn't put a lot of thought into constructing an e-mail message.

    Because of the problems I had with so many larger companies refusing to use valid sender addresses in their message, I had to disable sender callouts on our server.
     
  4. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    Thank you sparek-3 for your explanation.

    If I were to turn on Sender Callouts, which are the WHM settings should I set in order not to result in infinite loop?
     
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    As I understand it exim by default (or at least the cPanel version of exim) handles callout correctly. It does a callout using the null sender. I believe Exim 4.60 added the functionality to specify what envelope address to use in the callout, its part of the option list for the callout method in the exim configuration, but if nothing is listed it uses the null sender.

    I've got some information posted at:

    http://spareknet.org/articles/callouts.php

    concerning sender callouts. It just basically explains how a callout works.
     
  6. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    Great article. Thank you for sharing.
     
Loading...

Share This Page