Peter J. Holzer wrote:
On 2005-03-05 19:19:28 +0000, [EMAIL PROTECTED] wrote:
On Sat, 5 Mar 2005, Matt Sergeant wrote:
On 5 Mar 2005, at 10:48, [EMAIL PROTECTED] wrote:
Is there a way to pull a complete (envelope) sender address into aNot without upgrading. If you upgrade you can use
plugin as a single pointer/variable?
connection->notes('original_string') to do whatever you need.
Something to look forward to - thanks.
What about any "built-in" address verification? Does qpsmtpd do
any? Some? Complete? I'm still at 0.26 on the old mail server.
0.26 used Mail::Address for parsing addresses, which is really intended
to parse RFC2822 addresses, not envelope addresses. This has been
changed in the meantime. Qpsmtd::Address is supposed to check if the
syntax conforms to RFC 2821 (I think its too forgiving about malformed IPv6 address literals and it may not recognize some obsolete forms as
valid).
This is strictly a syntax check, though - no semantic verification is "built-in". This should be left to plugins, IMHO.
hp
I think address checking is impossible. Checking for open relay(connected MX not in dns for From:) and rfc-ignorant mta is what an address check really does.
badhelos are looked for, but only if you have them in a config file. Nobody knows if there are no email users in virtual domains with websites. ldap directories are not universal. No finger, ident, auth, or directory method is universal. If we sent an email to check an address, we'd look exactly like a dictionary scan if a spammer had set us up with a false From:.
Check the MX for the domain in dns to see if the mta now connected is an authorized mta for the From: domain. If not, we're done(can't require spf but MX in dns is fair to require, because otherwise it's an "open relay"), if so, we might check to see if the mta will accept a connection From: as To:(and From: <>?).
If the From: mta won't even accept bounces or connect for that From: as To:, then we broke a spammer and we're done.
With qpsmtpd in normal config, we'd have to go all the way to qmail queue to find out if a user was really there. If we play along that far, we're looking like a dictionary scan if the spammer set us up with a false From:.
Since I found out rfc-ignorant is blacklisting yahoo for failing to notify rfc-ignorant after closing a spammer account rfc-ig wanted closed, and not for refusing to shut down a spammer(2002), I'd prefer to do my own rfc-ignorant check. An address check is not really an address check for valid address--it's really a minimal mta check for ignorance.
-Bob
