Werner Fleck wrote:
I have changed the plugin so that it, in addition to "<>" as the sender
of bounces, fires when the user part of the envelope sender is
"MAILER-DAEMON". This might not be RFC conforming, but since I get a lot
of these I am blocking them.
During a recent misdirected bounces flood (about 20,000 bounces) I
collected additional non-conforming bounce senders:
@bounces.spamarrest.com>
<MAILER-DAEMON@ (case insensitive!)
<Symantec_
<admin@ (case insensitive!)
<admin_scm@
<[EMAIL PROTECTED]>
<postmaster@ (case insensitive!)
'From' address that sends verification requests:
<[EMAIL PROTECTED]>
And finally, some (probably home-grown) MTAs show no predictable
behavior except the 'Subject' line (case insensitive!):
^delivery status notification
^failure notice
Filtering all these may be a bit aggressive, but if you provide an error
message that explains why the message is rejected, legitimate senders
can try to work around the block.
Hans
