Results 1 to 6 of 6
  1. #1

    Exim Sender Verify: yes or no?

    We had a non-client (not on our server) that was getting 550 email rejections when he attempted to email us due to having Sender Verify enabled.

    In the past I figured Sender Verify was necessary for fighting spam, amongst other things, but have realized that we may be having more rejections than we know because we never hear about them.

    Is there a general best practice in terms of enabling Sender Verify or leaving it off? I've never heard about complaints about rejects from legitimate emails senders, so it doesn't seem to be an issue, but then again, you really never know... hate to make a wrong assumption... any feedback appreciated.

  2. #2
    Join Date
    Oct 2009
    Posts
    58
    hi,

    Sender verification is new measure to try to stop and block email spam infection. You can go through the following steps on how to
    disable Sender Callouts Verification in cPanel/WHM 10.x

    #Login to the WebHost Manager.
    #On the Service Configuration section,click on Exim Configuration Editor link.
    #Uncheck and untick the checkbox next to Use callouts to verify the existence of email senders. option.
    #Press the Save button, and cPanel will auto restart Exim.

    Below is on how to disable Sender Callouts in cPanel/WHM v11

    #Login to the WHM
    #On the Service Configuration section, click on Exim Configuration Editor link.
    #Uncheck and untick the checkbox next to ** Use callouts to verify the existence of email senders. Basiclly, exim will connect to the mail exchanger for a given address to make sure it exists before accepting mail from it. option.
    #Press the Save button at the bottom of the page, and cPanel will auto restart Exim.
    Windows/Linux Expert; Plesk/Cpanel/Ensim Guru.
    ..and an expert spam tracker.

  3. #3
    Quick reply: No

    Leave it off since it is considered abuse to check the sender address. It is more often than not spoofed any way and that will cause problem for those that got their mail address spoofed on a lot of spam messages.

  4. #4
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    Quote Originally Posted by part View Post
    Leave it off since it is considered abuse to check the sender address.
    Can't say I agree with that. We have it on, as there is no legitimate reason for a mail sender to be using an address that doesn't exist.
    Having problems, or maybe questions about WHT? Head over to the help desk!

  5. #5
    Join Date
    Mar 2003
    Location
    WebHostingTalk
    Posts
    16,966
    If you have a good anti-spam configuration, leave it off.

    Aside from adding load in the mail server, there are also some providers that use an email like noreply@ which doesn't exist and this will not reach your server if sender verification is enabled.

    So, if that email is important, you might lose the very important information.
    Specially 4 You
    .
    JoneSolutions.Com ( Jones.Solutions ) is on the net 24/7 providing stable and reliable web hosting solutions and services since 2001

  6. #6
    Join Date
    Dec 2007
    Posts
    1,277
    This issue ties back to running a defensive network. Those that operate our internets do not want defensive networks. They want their networks to be able to hack, to spam, and to do whatever as long as they can say well we fixed it now or our network is too big for us to manage.

    So you'll end up on spam lists for running sender-verify but we utilize it and haven't noticed anything annoying. The only legitimate reason people talk down against it is because they do not support defensive networks.

    Just think how the world would be without caller-id in 2009, im sure those that are against sender-verify all have caller-id.

    Also if you look back on some of the rfc's you'll notice that you will find that some of todays 'anti-spam' and sites that are against running things such as sender-verify are breaking the rules for a smooth running internet.

    From what i've read and I could be wrong the utilization of blacklists in general were depreciated because of the negative impact it can have. Nobody wants spam and abuse but when you let organizations control policy that run off commercial interest; little guys find themselves forced to pay for email delivery. We have it already with governments assuring larger isps cannot have their ip space blacklisted on large scales.
    Last edited by woods01; 11-01-2009 at 08:59 AM.
    James Paul Woods
    Operations Manager
    HostKitty Internet Services

Similar Threads

  1. Sender verify failed on valid accounts
    By cuantica in forum Hosting Security and Technology
    Replies: 2
    Last Post: 11-23-2007, 09:55 PM
  2. how to disable bounces and sender verify with exim?
    By jon-f in forum Hosting Security and Technology
    Replies: 5
    Last Post: 10-12-2007, 02:51 AM
  3. sender verify callout problems
    By sytker in forum Hosting Security and Technology
    Replies: 1
    Last Post: 01-17-2007, 04:32 PM
  4. verify sender failed, main account username
    By UnrealSilence in forum Hosting Security and Technology
    Replies: 4
    Last Post: 05-10-2006, 09:41 PM
  5. exim - Could not complete sender verify callout
    By ddaas in forum Hosting Security and Technology
    Replies: 4
    Last Post: 03-31-2006, 06:04 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •