> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Behalf Of Greg A. Woods > Sent: Saturday, June 25, 2005 2:00 AM > To: Ian FREISLICH > Cc: Exim User's Mailing List > Subject: Re: [exim] a large number of domains fronted by Exim are > refusing bounces... > > [...]
> Like I said, if you think blocking SMTP transactions simply because they > arrive with an empty return path is the solution to any problem then > you're using the wrong protocol from the get go. > I have watched this thread and I believe pretty much everyone would agree with this statement if it accurately reflected your opinion but, from what I see, it does not. in practice anyone with an deny ACL that stated deny if nullsender is very, very broken. However your practical examples always seem to include both a left and right hand portion of an equation. "deny if nullsender and recipient is specific" is not rejecting simply because they arrive with an empty return path, it's because they arrive with an empty return path and they meet other criteria as well. I have several addresses that never, ever, send mail. In fact I have an ACL that will catch any attempt for one of these accounts *to* send mail. I fail to see how there could be a valid reason for any system to send mail to one of these accounts with a null sender. And then there are those systems that send "you sent a virus" bounces out from a null sender. If a system sends a message from null with a subject of "our antivirus... or your mail contained a virus, or virus detected,..." why should I accept it? One thing you know about viruses today is the sender is forged. I had a user just last month that was in several address books in a large marketing firm (she is a media buyer) and one morning she started getting about 1000 bounces an hour stating she had sent a virus. Now, granted, most came from addresses of the type mailer_daemon or mail_subsystem but 100s came from null senders and many came with the entire virus attached. Why should I accept these mails, especially when the recipient was panicked when they first began arriving before I set an ACL to trap and deny during SMTP? What is the point of using one millisecond more resource to pass through a filter or other processing when I know at DATA I don't want this? You stated there are many legitimate reasons why an account that *never* sends mail should receive mail from null sender, name three (that's only several, not many, so it should be easy) Rick -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
