Hi all, in the forum we came across a problem.
Assume message-ID signing and/or BATV-tagging is configured. Mails to local webmaster@... or postmaster@... are currenty never blocked for a missing message-Id signature (except the mail matches redRe). This also applies to a bad BATV. The logic behind this behavior is not fully clear. These checks are only done for bounce mails (senders are: BounceSenders , postmaster@ , null sender <>). Thinking about BounceSenders and null sender - these sender addresses are only used for NDR's, but a NDR should be checked by these features. Remains the mails sent by a foreign postmaster to the local postmaster - which can be important mails (eg informations about abuse, miss configuration or other problems). They will fail the backscatter checks to 100%, because the sender is a BounceSender and those mails will never contain valid message signatures or BATV-tags. 1. I'll remove the webmaster check - this makes no sense to me 2. I'll continue to skip the message signature/BATV check for mails postmaster->postmaster It is currently unclear to me, how we can detect abuse mails postmaster->postmaster. Most of such mails are SPAM. But some of those mails may contain important information, and they can be written in english or any local language and the may contain even spammy content (eg. in explanations). Now, someone may ask: if a foreign admin wants to contact a postmaster, will he/she use the postmaster address as sender address? - IMHO no, but I'm not sure. In my opinion, the current logic should be completely removed - even a very small amount of mails (postmaster->postmaster) will be blocked. suggestions are welcome Thomas DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *******************************************************
_______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
