-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Jan 06, 2004 at 11:21:17AM -0600, Jim Ramsay wrote:
>This hasn't happened to me before. Is there a good way to avoid this
>happening again? In other words "how can I detect forged email
>addresses and not send challenges to them?" or "How can I detect a
>bounce sent to the reply-to instead of the envelope and have TMDA not
>even consider those for releasing a message?"
I see automatic replies to my confirmation messages about once a month (I'm
guessing). Here's my procmail rule:
:0
* ^Delivered-To: kyle-cnf-
{
:0
* ^FROM_MAILER
$AUTOCONFDEST
:0
* ^Auto-Submitted: auto-replied
$AUTOCONFDEST
:0
* ^Subject: Gating error
* ^From: .* \(Fidonet gate\)
$AUTOCONFDEST
:0
* ^From: smsgate@
* ^Subject: <SMSGATE> response
$AUTOCONFDEST
}
I set AUTOCONFDEST to my inbox so I can see the problem. When one comes
in, I blacklist the site so they don't get my challenges anymore. It would
be just as easy to drop them (AUTOCONFDEST=/dev/null). The advantage there
is that you can still do C/R with users at the site. The disadvantage is
the extra automated mail traffic (which nobody sees).
Hope this helps.
- --
Kyle Hasselbacher I am a legend in my spare time.
[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE/+vDb10sofiqUxIQRAp2rAJwPWeNMaez+RRRvYU7H1eUv5k/TAACcC5ZC
fHHD6QtN79HB6gQm2LC9mgM=
=8epy
-----END PGP SIGNATURE-----
_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users
