On Tue, Mar 04, 2003 at 05:47:32PM -0800, [EMAIL PROTECTED] wrote:
> Actually the intent is not to identify spam per se...
> the system I'm building already has a pretty
> tight anti-spam in that messages are only accepted
> if the recipient has previously authorized the
> sender (e.g. senders are present in the recipient's addressbook).
...
> So what I ended up with was
> to only accept empty sender messages that are
> of the type multipart/report, and deny all others.
> I'm just wondering if the "deny all others"
> (with empty sender) will present a problem.
It will, in that you will lose some bounces.
With a system where you only receive mail from whitelisted senders, then for
DSNs a better heuristic might be to check whether any of those addresses
appears anywhere in the body: i.e.
"Message failure, I was unable to deliver your message to [EMAIL PROTECTED] ..."
^^^^^^^^^^^
Of course this doesn't work with stupid MS systems which say
"Unable to deliver to \\\xyz\\abc\foobar at WINNT3"
but it might be reasonable.
Otherwise, how about using VERP? In other words, send your outgoing mail as
MAIL FROM:<[EMAIL PROTECTED]>
RCPT TO:<[EMAIL PROTECTED]>
where 'cookie_1234_7890' is a pseudo-random authenticated value which is
valid for say a week. Then any incoming messages to 'fred-cookie_1234_7890'
are automatically whitelisted for that period.
You will *still* get stupid MS systems which send DSNs to the 'From:' header
address instead of the envelope (MAIL FROM) address. That's why sometimes
when you post to a mailing list, you get vacation autoreplies which should
have gone to the list owner.
But I think it's a stronger solution than just letting through DSNs based on
MIME structure.
Regards,
Brian.
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
