Invalid address accepted?

Hello,

I noticed a frozen bounce in our mail queue for a message which seems to
have come from (envelope sender)
'4526433.tHjd3LnMP.@...'.

As far as I can tell, the '.@' part of the address is invalid according
to RFC2822. So why did exim accept it if it is syntactically invalid?

The message passed through our mailhub and onto an Exchange server,
which rejected the address and caused the bounce to go back out. The
Exchange server gave the error: 501 5.1.7 Invalid address.

We are using exim 4.69.


Thanks,

John.

--
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 587287
E-mail: John.Horne@...       Fax: +44 (0)1752 587001

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

John Horne wrote:
> I noticed a frozen bounce in our mail queue for a message which seems to
> have come from (envelope sender)
> '4526433.tHjd3LnMP.@...'.
>
> As far as I can tell, the '.@' part of the address is invalid according
> to RFC2822. So why did exim accept it if it is syntactically invalid?

The more appropriate question to ask is why would exim not deny a non
existing email address at smtp connect? That way the least bandwidth
will be (ab)used.

But the answer for both is because it has not been configured to do so.
Either by whoever installed it or maybe it's by default. You can find
out in the manual, http://www.exim.org/index.html, how to tell exim to
refuse non existing addresses and/or syntactically incorrect addresses.

Greetings,
Jeroen

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On Wed, 2009-07-08 at 16:57 -0700, Jeroen van Aart wrote: Yes, I realise that but my question is why accept an invalid address in
the first place? If I send a message with the address
'fred@@example.com' exim rejects it with a 'domain missing or malformed'
error. That isn't something I have configured, it is exim recognising an
invalid address. So why not do the same with '.@'?



John.

--
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 587287
E-mail: John.Horne@...       Fax: +44 (0)1752 587001

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On Thu, 9 Jul 2009, John Horne wrote:

I do not know the answer to this, however it was discussed a while back on
the list, and someone produced a set of ACL checks that did further
analysis than exim's default check.  According to my note, this was to
catch for addresses that Exchange wouldn't accept, to help prevent a site
with an Exim front-end accepting and relaying a message to an internal
Exchange host that wouldn't accept, causing a bounce.  I don't have the
original thread (it was only a few months ago), but here are the ACLs I
now use based on it (and my thanks to the original author):

  ## malformed sender addresses not detected by Exim itself
  ## Exchange will reject these apparently.
  warn
        message = Syntax error sender address <${lc:$sender_address}> \
                  (consecutive dots).\n\
                  REFUSENOTICE
    log_message = MSGTAG_MALFORMEDSENDERADDRCONSDOTS: \
                  Rejected syntactically invalid sender address \
                  (consecutive dots) \
                  from <${lc:$sender_address}>
        senders = ^.*[.][.]

  warn
        message = Syntax error sender address <${lc:$sender_address}> \
                  (leading dot).\n\
                  REFUSENOTICE
    log_message = MSGTAG_MALFORMEDSENDERADDRLEADINGDOT: \
                  Rejected syntactically invalid sender address \
                  (leading dot) \
                  from <${lc:$sender_address}>
        senders = ^[.]

  warn
        message = Syntax error sender address <${lc:$sender_address}> \
                  (trailing dot).\n\
                  REFUSENOTICE
    log_message = MSGTAG_MALFORMEDSENDERADDRTRAILINGDOT: \
                  Rejected syntactically invalid sender address \
                  (trailing dot) \
                  from <${lc:$sender_address}>
        senders = ^.*[.][@]

  warn
        message = Syntax error sender address <${lc:$sender_address}> \
                  (double-quote localpart).\n\
                  REFUSENOTICE
    log_message = MSGTAG_MALFORMEDSENDERADDRDBLQLOCALPART: \
                  Rejected syntactically invalid sender address \
                  (double-quote localpart) \
                  from <${lc:$sender_address}>
        senders = ^["]["][@]

  warn
        message = Syntax error sender address <${lc:$sender_address}> \
                  (8-bit characters).\n\
                  REFUSENOTICE
    log_message = MSGTAG_MALFORMEDSENDERADDR8BIT: \
                  Rejected syntactically invalid sender address \
                  (8-bit characters) \
                  from <${lc:$sender_address}>
        senders = \N^[^@]*[\x80-\xFF][^@]*\@.*\N

I also have the following stuff commented out; I suspect this was taken
directly from the original post and kept for reference:

# Deny any message whose envelope sender address has consecutive dots (illegal)
# (do this for all messages irrespective of recipient's spam preference
#  because Exchange will reject them if we attempt to deliver)
#deny senders = ^.*[.][.]
#     message = Sender address syntax error (consecutive dots): $sender_address
#
# Deny any message whose envelope sender address starts with a dot (illegal)
# (do this for all messages irrespective of recipient's spam preference
#  because Exchange will reject them if we attempt to deliver)
#deny senders = ^[.]
#     message = Sender address syntax error (leading dot): $sender_address
#
# Deny any message whose envelope sender address ends with a dot (illegal)
# (do this for all messages irrespective of recipient's spam preference
#  because Exchange will reject them if we attempt to deliver)
#deny senders = ^.*[.][@]
#     message = Sender address syntax error (trailing dot): $sender_address
#
# Deny any message whose envelope sender address is ""@some.domain
# (do this for all messages irrespective of recipient's spam preference
#  because Exchange will reject them if we attempt to deliver)
#deny senders = ^["]["][@]
#     message = Sender address syntax error: $sender_address
#
# Deny any message whose envelope sender address contains 8-bit characters,
# a violation of RFC2821 and only done by spammers.
# (do this for all messages irrespective of recipient's spam preference
#  because Exchange will reject them if we attempt to deliver)
#deny senders = \N^[^@]*[\x80-\xFF][^@]*\@.*\N
#     message = Sender address syntax error (8 bit characters): $sender_address

Jethro.

.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On Thu, 2009-07-09 at 10:05 +0100, Jethro R Binks wrote: Okay, thanks for this. I'll check the archives, and since you seem to
have quoted the original poster it should be easy enough to locate the
thread.



John.

--
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 587287
E-mail: John.Horne@...       Fax: +44 (0)1752 587001

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/