We've had a couple of incidents where people's mailboxes have been
inundated with backscatter because spammers have been forging their
e-mail address as the sender of spam. I'm ready to reject all mailed-
back non-delivery reports, if sendmail could do that, but I'm wondering
if DCC has a way to do it. Perhaps DCC could be more selective.
A sendmail log entry looks like this:
Aug 22 09:20:52 electra sm-mta[19211]: [ID 801593 mail.info]
l7MEKpTH019211: from=<>, size=12709, class=0, nrcpts=1, msgid=<[EMAIL
PROTECTED]>, proto=ESMTP, daemon=MTA, relay=bounce02.msg.oleane.net
[62.161.4.52]
In this instance, the backscatter is from France Telecom. Their MX is
ironport.dih.oleane.net, which suggests it's one of those lovely
anti-spam appliances that's doing the dirty work.
When the message is delivered here, the interesting headers are:
Return-Path: [EMAIL PROTECTED]
From: Mail Delivery Subsystem <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="l7LH0N1O005470.1187715623/smtp08.msg.oleane.net"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
X-DCC-UofM-Metrics: electra 1033; Body=1 Fuz1=1 Fuz2=1
Is there anything here that DCC can grab onto?
--
-Gary Mills- -Unix Support- -U of M Academic Computing and Networking-
_______________________________________________
DCC mailing list [email protected]
http://www.rhyolite.com/mailman/listinfo/dcc
