JT Moree a écrit : > I was thinking of rejecting mail when the MAIL FROM is empty or set to > <> during the MAIL FROM stage. > > Is this a good or bad idea? > Is this possible with any of the current plugins?
As said by others this is not a good idea to block all MAIL FROM: <> but you could block illegitimate bounces using BATV or VERP. Unfortunately, you'll need to modify qmail-remote to make it work. See this thread: http://beta.nntp.perl.org/group/perl.qpsmtpd/2004/09/msg1967.html Here's a part of a message I wrote in 2004 describing BATV and VERP: BATV stands for Bounce Address Tag Validation and VERP stands for Variable Envelope Return Path. The principle behind these two concepts is to validate the bounces you receive. OEvery time you send an email, you set the envelope sender address to a one-time address only valid for this message. If the message bounces to this one-time address, then you know for sure what message bounced. If a forged message bounce, then you know for sure that you never sent this message and you can bounce the bounce. It's like SPF classic but 200 lbs lighter. Of course, this implies that all of your outgoing email came from authorized servers (who had the BATV/VERP key). More infos: http://cr.yp.to/proto/verp.txt http://mipassoc.org/batv/ Also, where can I find your PGP key? I can't find it in any of the key servers I know. Cheers, GFK's -- Guillaume Filion, ing. jr PGP Key and more: http://guillaume.filion.org/
signature.asc
Description: OpenPGP digital signature