On Fri, 19 Oct 2007, Alessandro Vesely wrote: > Gordan Bobic wrote: >> But now that you mentioned it - is there a way to make Courier make an >> additional check? >> >> e.g. it receives a message: >> From: [EMAIL PROTECTED] >> To: [EMAIL PROTECTED] >> >> Normally, this is not too plausible to check if from is for a non-locally >> hosted domain, but if from is from a locally hosted domain, can we make >> Courier check if from is deliverable, and if not, reject with "unknown >> sender" or some such? > > That's not one of the checks that Courier performs, AFAIK. > To carry out that check, you need to roll out your own filter.
Are there any docs on how to write filters for courier? > Actually, it is not a bad idea, since some spammers appear to be > convinced that they get a better likelihood to deliver their thing > if the sender's faked address features the same domain as the > recipient(s). > > In case you really want to check "From" and "To" as sketched above, > you may do that using a global filter. It would also be worth checking if "MAIL FROM:" is the same as "From:" and "RCPT TO:" is the same as "To:". Can anyone think of why these would ever be inconsistent in a valid email? > If you meant to check "MAIL FROM", a.k.a. Return-Path instead, you > might also do that using the maildropfilter. It is invoked for each > "RCPT TO", before receiving the body of the message. This filtering > feature can be deployed running maildrop in "embedded mode", which is > done by writing maildrop's full path in the "maildropfilter" config > file. However, one can point to whatever executable from that config > file. The running program should read the SENDER environment variable > and exit, say, 1 if it is a non-existing local domain. See > http://www.courier-mta.org/localmailfilter.html Thanks. :-) >> On a separate note, is it possible to get Courier to do return path >> verification? i.e. for the from address, look up mx, connect, and do: >> HELO, MAIL FROM, RCPT TO, QUIT, just to see if the FROM address is >> deliverable? > > Ditto for how to implement that using a filter. However, I cannot > imagine what would happen in case the remote domain filters according > to the same principle, or uses greylisting, or is temporarily down. If the remote domain filters on the same principle, spam will get through if the sender address is valid. But that's to be expected. Greylists are also OK, as it'll respond with a transient failure (which is probably as good as a "yes"). Permanent failures (e.g. no such user), OTOH, are a definite "no". If the site is down, then that's questionable, especially if all their MX-es are out of action. But it seems daft to be implementing all this in a filter. It would effectively mean implementing almost a full SMTP server. Granted, this could probably be done with a few hundred lines of Bash or Perl, but it still seems silly... And how would one filter ALL incoming email using such a filter (e.g. big virtual domain mail server)? Gordan ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
