From: Adam Gibson
Date: 2004-09-23 11:01:40 -0400
Subject: Re: milter-sender 'not answering' response
More information..: http://www.milter.info/#Support
Anthony Howe wrote:
> Grey-listing only kicks in when the call-back test results in an
> inconclusive answer: both an intended false address and the test address
> return 250 responses for the RCPT command - yahoo.com is a good example
> of this, so too are many secondary MXes that blindly accept anything for
> their domains.
> If all the MXes, primary and secondary, upto MxCallBackMaxAttempts for a
> domain fail to answer, then they are assumed bogus and the message is
> rejected with "not answering".
That explains what I am seeing. Unfortunately a few important emails
are getting rejected because of that. AOL's server
(newman.oscar.aol.com) finally started accepting connections today for
firstname.lastname@example.org so grey-listing is kicking in now, but it
seems to retry 5 times really quick when sending the emails(within 3
seconds) and then give up so grey-listing wont help there anyway. I
will just have to monitor the logs looking for false positives to add to
the access db.
>>constantly give the response of 'not answering' from automated
>>systems(incoming mail from automated aol password reset requests,
>>entrust cert renewal reponses, etc). The mail servers try to resend it
>>later but we still give the same response.
> If you haven't already, add SPF records for your domain. AOL has many
> multi-homed MXes and one or more of them usually answers. AOL may be
> rejecting the call-back based on lack of an SPF record. This is not certain.
I do not think the SPF records are the issue. The email in question is
email@example.com which does not have any MX records and the
host itself was not responding to connections yesterday. The email
address is sent by aol for password reset requests and not a general
@aol.com email address.
I am still waiting to see what becomes a standard before trying to
implement SPF. Last time I looked at that there were issues when users
have to send email through their ISPs.
Thanks for the response. That clears things up for me.
Copyright 2009, 2012 by SnertSoft. All rights reserved.