Great Sam! Your info is very valuable, thanks once again.
I was reading up on 1894. It mentions that the From "SHOULD" contain an
address.
>From your experience, would the From always be set when a legitimate DSN
is sent (even from Qmail)? Could I consider any empty sender without a
From: header to be something invalid?
Something like,
if ($SENDER == "" && !/^From:/)
{
exit
}
(meaning, just dump the message)
Thanks for your patience!
Ricardo
====================================================
> Since a "<>" is a valid MAIL FROM, what are valid scenarios when mail
> servers would legitimately provide a "<>"? Besides a DSN notification, is
> there any other type of message which legitimately provides the empty
sender?
No.
> Is there some other header information which I could look at to
> "authenticate" the empty sender?
No.
> In other words, if the junk mailers out
> there are sometimes using the "<>" empty sender, is there a way for me to
> tell whether this particular smtp session should or should not have an
> empty sender? Again, the objective here is to allow empty sender messages
> to pass through, but only if the empty sender seems "legitimate".
There is no absolute format for legitimate delivery status notifications.
RFC 1894 specifies a DSN format that's used by a good, but not a total
near majority of mail servers. There are still other mail servers that
generated non-RFC 1894 DSNs, notably Qmail.
If you do not mind a small false-positive rate, you might consider filtering
out mail with an empty sender whose contents do not parse as either RFC
1894, or Qmail's bounce format (which you can get from Qmail's
documentation). What gets filtered out will mostly be spam, but may include
an occasional oddball-looking DSN.
