On Thu, 9 Jul 2009, John Horne wrote:
> On Wed, 2009-07-08 at 16:57 -0700, Jeroen van Aart wrote:
> > John Horne wrote:
> > > I noticed a frozen bounce in our mail queue for a message which seems to
> > > have come from (envelope sender)
> > > '[email protected]'.
> > >
> > > As far as I can tell, the '.@' part of the address is invalid according
> > > to RFC2822. So why did exim accept it if it is syntactically invalid?
> >
> > You can find out in the manual, http://www.exim.org/index.html, how to tell
> > exim to
> > refuse non existing addresses and/or syntactically incorrect addresses.
> >
> Yes, I realise that but my question is why accept an invalid address in
> the first place? If I send a message with the address
> 'fred@@example.com' exim rejects it with a 'domain missing or malformed'
> error. That isn't something I have configured, it is exim recognising an
> invalid address. So why not do the same with '.@'?
I do not know the answer to this, however it was discussed a while back on
the list, and someone produced a set of ACL checks that did further
analysis than exim's default check. According to my note, this was to
catch for addresses that Exchange wouldn't accept, to help prevent a site
with an Exim front-end accepting and relaying a message to an internal
Exchange host that wouldn't accept, causing a bounce. I don't have the
original thread (it was only a few months ago), but here are the ACLs I
now use based on it (and my thanks to the original author):
## malformed sender addresses not detected by Exim itself
## Exchange will reject these apparently.
warn
message = Syntax error sender address <${lc:$sender_address}> \
(consecutive dots).\n\
REFUSENOTICE
log_message = MSGTAG_MALFORMEDSENDERADDRCONSDOTS: \
Rejected syntactically invalid sender address \
(consecutive dots) \
from <${lc:$sender_address}>
senders = ^.*[.][.]
warn
message = Syntax error sender address <${lc:$sender_address}> \
(leading dot).\n\
REFUSENOTICE
log_message = MSGTAG_MALFORMEDSENDERADDRLEADINGDOT: \
Rejected syntactically invalid sender address \
(leading dot) \
from <${lc:$sender_address}>
senders = ^[.]
warn
message = Syntax error sender address <${lc:$sender_address}> \
(trailing dot).\n\
REFUSENOTICE
log_message = MSGTAG_MALFORMEDSENDERADDRTRAILINGDOT: \
Rejected syntactically invalid sender address \
(trailing dot) \
from <${lc:$sender_address}>
senders = ^.*[...@]
warn
message = Syntax error sender address <${lc:$sender_address}> \
(double-quote localpart).\n\
REFUSENOTICE
log_message = MSGTAG_MALFORMEDSENDERADDRDBLQLOCALPART: \
Rejected syntactically invalid sender address \
(double-quote localpart) \
from <${lc:$sender_address}>
senders = ^["]["]...@]
warn
message = Syntax error sender address <${lc:$sender_address}> \
(8-bit characters).\n\
REFUSENOTICE
log_message = MSGTAG_MALFORMEDSENDERADDR8BIT: \
Rejected syntactically invalid sender address \
(8-bit characters) \
from <${lc:$sender_address}>
senders = \n...@]*[\x80-\xff][^@]...@.*\n
I also have the following stuff commented out; I suspect this was taken
directly from the original post and kept for reference:
# Deny any message whose envelope sender address has consecutive dots (illegal)
# (do this for all messages irrespective of recipient's spam preference
# because Exchange will reject them if we attempt to deliver)
#deny senders = ^.*[.][.]
# message = Sender address syntax error (consecutive dots): $sender_address
#
# Deny any message whose envelope sender address starts with a dot (illegal)
# (do this for all messages irrespective of recipient's spam preference
# because Exchange will reject them if we attempt to deliver)
#deny senders = ^[.]
# message = Sender address syntax error (leading dot): $sender_address
#
# Deny any message whose envelope sender address ends with a dot (illegal)
# (do this for all messages irrespective of recipient's spam preference
# because Exchange will reject them if we attempt to deliver)
#deny senders = ^.*[...@]
# message = Sender address syntax error (trailing dot): $sender_address
#
# Deny any message whose envelope sender address is ""@some.domain
# (do this for all messages irrespective of recipient's spam preference
# because Exchange will reject them if we attempt to deliver)
#deny senders = ^["]["]...@]
# message = Sender address syntax error: $sender_address
#
# Deny any message whose envelope sender address contains 8-bit characters,
# a violation of RFC2821 and only done by spammers.
# (do this for all messages irrespective of recipient's spam preference
# because Exchange will reject them if we attempt to deliver)
#deny senders = \n...@]*[\x80-\xff][^@]...@.*\n
# message = Sender address syntax error (8 bit characters): $sender_address
Jethro.
. . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
