I guess to be rfc-compliant and to handle rfc-ignorant probes
for bounce compliance I would have to accept non-SRS mail
to postmaster and abuse, as usual, without SRS. Then deny
non-SRS from <> or postmaster or mailer-daemon. Does that
cover it?
Gavin Carr wrote:
On Thu, Aug 18, 2005 at 12:41:21PM -0400, Bob Dodds wrote:
If using SRS, recipient not being an SRS alias is fine
unless what?
Recipient not being an SRS alias is fine. Recipient being an SRS
alias is fine unless the SRS rewrite fails. That means either it's
a bogus alias (isn't hashed with your secret), or it's timed out.
Either way you want to deny at that point.
Cheers,
Gavin
Can you think of how to prevent bounce-spoofing,
using SRS, so that not being an SRS alias is not
fine if...sender is empty or something?
bounce_verp is what I need.
http://svn.perl.org/viewcvs/qpsmtpd/trunk/plugins/bounce_verp?rev=323
The default rules for detecting a bounce are:
MailFrom = <>
or MailFrom = <[EMAIL PROTECTED]>
or MailFrom = <[EMAIL PROTECTED]>
Setting bounce_verp.bounce_heuristics makes bounce_verp look in the mail
headers for various clues too.
http://svn.perl.org/viewcvs/qpsmtpd/trunk/plugins/bounce_verp?rev=323&view=log
-Bob
