Werner Fleck wrote:
Why should I miss legitimate bounces? I thought, since I'm in control of
any mail server which might legitimately identify itself as
mydomain.com, any mail mail which has a Received: line with mydomain.com
and an ip number which does not belong to me is forged.
The reason I asked is that I'm running TMDA and about 20% of the mails
in the pending queue are bounces for such clearly forged mails. If I
could reject such mails, I could have avoided sending challenge messages
for them.
I know, it would be better if the the other mail server had not accepted
the original mail at first. I'm using SPF for my domains so that this
mail could easily be detected as not being legitimate. But then, not
everybody is using qpsmtpd.
Something like:
sub hook_data_post {
my ($self, $transaction) = @_;
# skip past headers
while (my $line = $transaction->body_getline) {
$line =~ s/\r?\n//;
$line =~ s/\s*$//;
last unless length($line);
}
while (my $line = $transaction->body_getline) {
if ($line =~ /^Received:.*YOURHOSTNAME.COM/ ||
!($line =~ /YOUR.IP.HERE/)) {
return (DENY, "Fake bounce");
}
}
?
--
Johan Almqvist
Irisveien 28
0870 Oslo
Norway
Mobile: +47 40 04 68 21
E-mail: [EMAIL PROTECTED]
