Since a "<>" is a valid MAIL FROM, what are valid scenarios when mail
servers would legitimately provide a "<>"? Besides a DSN notification, is there any other type of message which legitimately provides the empty sender?
No.
Is there some other header information which I could look at to "authenticate" the empty sender?
No.
In other words, if the junk mailers out
there are sometimes using the "<>" empty sender, is there a way for me to tell whether this particular smtp session should or should not have an
empty sender? Again, the objective here is to allow empty sender messages to pass through, but only if the empty sender seems "legitimate".
There is no absolute format for legitimate delivery status notifications.
RFC 1894 specifies a DSN format that's used by a good, but not a total near majority of mail servers. There are still other mail servers that generated non-RFC 1894 DSNs, notably Qmail.
If you do not mind a small false-positive rate, you might consider filtering out mail with an empty sender whose contents do not parse as either RFC 1894, or Qmail's bounce format (which you can get from Qmail's documentation). What gets filtered out will mostly be spam, but may include an occasional oddball-looking DSN.
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
