Running Astaro 6.313
We've already disabled "Use BATV" under Proxies - SMTP (which only refers to outgoing mails if I'm not mistaken?) because we ran into trouble with several external recipients. Not too many, but the problem with unexpected bounces is not the biggest anyway.
But we do use "Verify Sender". Whenever we run into an RFC-ignorant site (that does not accept <> as a sender), we usually add them to our whitelist (they are customers after all).
I had assumed that astaro is BATV-aware as it can be configured to use it for outbound mails.
However, we quite often find log entries showing that legal incoming mail is rejected because of a failed sender verification, where the failed address clearly indicates that the sender is actually implementing BATV, e.g.
sender verify fail for : response to "RCPT TO:" from mx5.remote-sender-domain.com [1.2.3.4] was: 550 #5.1.0 Rejected by bounce verification.
F= rejected RCPT : Sender verify failed
While we might add the corresponding mail servers to white lists, this does not seem to be a good idea: All other reasons to add a server to the whitelist are that the remote site is not (yet) compliant to some of our anti SPAM measures; growing awareness should make the whitelist entries obsolete after some time so they may be subject to revision and one should expect the number of new bad hosts to become less and less over time (e.g. I dream of more and more sites losing their RFC-ignorant status).
If on the other hand growing awareness causes more and more sites to implement BATV, my whitelist may have to grow faster and faster, which is of course bad.
Ths the question is: Is there a general method to correct this behaviour (without disabling "sender verify"?
Or is this really caused by the remote sites implementing BATV not completely correctly?
Thanks for any hints
This thread was automatically locked due to age.
