On 8/20/10, David Woodhouse <[email protected]> wrote: > Error. The autoresponse should have MAIL FROM:<> and thus should never > be able to trigger a bounce. If your autoresponse don't have an empty > sender, they are a DoS attack waiting to happen. As you seem to be > finding out. > >> User A receives bounce and sends a mailbox full bounce >> Sender B server receives bounce and also sends back a mailbox full >> bounce... > > This is an even more egregious error. Your bounces absolutely *MUST* be > sent with the empty sender, and must never trigger more bounces in > return.
Thank you so much for pointing this out! The original exim configuration/installation was done by a third party vendor so again I made the mistake of assuming they knew what they were doing. For some reason they did set the return-path to <> but not the "From" address. I've changed this and hopefully the mail loop will not happen again. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
