> I guess my questions are:
> 1. Is there a mimedefang rule (or sendmail config option) that would
> detect that the Envelope and Header senders differ?
> 2. Are there "legitimate" reasons that these headers may differ (I
> don't want to trigger false positives)?

It's OK if they differ, but you might want to reject if the header
From: has no @domain in it. That's never right.

This and some other interesting tests can be done by opening HEADERS,
which can be done a few ways, but one way is just:

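    my $from = '';
    if (open(IN, "<./HEADERS")) {
        while (<IN>) {
            chomp;
            # remember the value of the From: header
            if (/^From:\s*(.*)/i) { $from = $1; }
            # and other headers of interest...
        }
        close(IN);    # only close the handle if the open succeeded
    }
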
What we do is fix this for mail from our own users, and otherwise reject
the message. $good equals 1 if the sender used smtp auth or was on our
own webmail or shell login hosts. Sendmail already tested that the
envelope $Sender was fully qualified.

    # No @ in the From: line (fix it for local users)
    # We also test that there is at least one dot in the string after the @
    # (pattern reconstructed from the two comments above; the archived copy
    # shows only an address-obfuscation placeholder in its place)
    if ($from !~ /\@.*\./) {
        if ($good == 1) {
            md_graphdefang_log('modify',
                "Bad From $from changed to $Sender");
            action_change_header("From", "$Sender");
        }
        else {
            md_graphdefang_log('bounce',
                "Unqualified From: $from", $RelayAddr);
            action_bounce("Unqualified From: header $from");
            return action_discard();
        }
    }

Joseph Brennan
Columbia University Information Technology
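
The two checks discussed in this thread, as an added example that is not from the original post or from MIMEDefang: stand-alone Perl that unfolds a header block like the one in ./HEADERS, extracts the From: address, and reports whether it is unqualified or merely differs from the envelope sender. The function names and the sample messages are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Unfold a header block (like the contents of ./HEADERS) and return the
# first value seen for each header, keyed by lower-cased header name.
sub parse_headers {
    my ($text) = @_;
    $text =~ s/\r?\n[ \t]+/ /g;              # join folded continuation lines
    my %h;
    for my $line (split /\r?\n/, $text) {
        last if $line eq '';                 # blank line ends the headers
        next unless $line =~ /^([^\s:]+):\s*(.*)$/;
        $h{lc $1} //= $2;                    # keep the first occurrence only
    }
    return \%h;
}

# Reduce "Name <user@dom>", "<user@dom>" or "user@dom" to the bare address.
sub addr_spec {
    my ($value) = @_;
    return '' unless defined $value;
    my ($addr) = $value =~ /<([^<>]*)>/;
    $addr = $value unless defined $addr;
    $addr =~ s/^\s+|\s+$//g;
    return lc $addr;
}

# True when there is an @ followed by a domain part that contains a dot.
sub is_qualified {
    my ($addr) = @_;
    return $addr =~ /\@[^\@\s]+\.[^\@\s]+$/ ? 1 : 0;
}

# Classify one message as 'unqualified', 'differs' or 'same'.
sub check_from {
    my ($envelope_sender, $header_text) = @_;
    my $from = addr_spec(parse_headers($header_text)->{from});
    return 'unqualified' unless is_qualified($from);
    return $from eq addr_spec($envelope_sender) ? 'same' : 'differs';
}

# Constructed sample messages: [ envelope sender, header block ].
my @samples = (
    [ '<alice@example.edu>', "From: Alice <alice\@example.edu>\nSubject: hi\n" ],
    [ '<list-bounces@lists.example.org>', "From: Bob\n <bob\@example.com>\nSubject: re\n" ],
    [ '<carol@example.edu>', "Subject: x\nFrom: carol\n" ],
);
printf "%-36s %s\n", $_->[0], check_from(@$_) for @samples;
```

Only the 'unqualified' result corresponds to the reject-or-fix case in the reply above; 'differs' is reported for information, since the reply treats a differing envelope and header sender as acceptable.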