Everyone, I realized (doh!) that I neglected to attach the patch that I described below. So here it is 3 weeks later.
This is the patch to perform verify sender routine. Feedback is welcome :) ari On Tue, Mar 23, 2004 at 06:56:56PM -0500, Ari Jort wrote: > I've implemented a verify_sender routine as inspired by > the postfix address verification, noted below. Patch > is attached. > > I added a subroutine in EvalTests.pm called verify_sender() > that will verify a given address with an appropriate mx. > It needs a mechanism to get the envelope-from for this > to be effective. This implementation relies on the header > Return-Path: which postfix adds to messages. > > This routine can be invoked from a local.cf like this: > > header UNVERIFIED_ADDRESS eval:verify_sender() > > > The postfix address verification is described here: > > > > http://www.porcupine.org/postfix-mirror/newdoc/ADDRESS_VERIFICATION_README.html > > > > I'd like to use this technique, but would rather assign > a score with SA, rather than make a reject/accept decision > in the mta. > > This is a naive implementation in many ways. > > 1) It assumes the envelope-from is retreivable from the > Return-Path: header which is true in postfix-land. I'm not > sure about elsewhere. > > 2) There's still a bunch of debugging code in here. I thought > I'd leave it in in this patch, in case it helps anyone else > get it working. > > 3) It relies on 2 extra perl modules: Net::DNS and Net::SMTP > which might be better outside the spamd process space. Maybe > a sender verification daemon? > > 4) It only checks with the highest priority mx record for a given > domain and does not move on to lower priority records. Simplicity > is the reason here. > > > I'd love some feedback or reports on whether anyone else > can get this working.
