- Spammer sends you a message with a forged sender
- TMDA replies with a confirmation request to the forged sender's server
- The forged server is misconfigured and sends a bounce to your "reply-to" address instead of your envelope
- The spam is released (and maybe the forged address whitelisted)
- You wail, gnash your teeth, and with the admin of the forged server would fix his/her MTA
What about changing Confirmation so that a confirmation response is only processed if the envelope sender is NOT "<>"? This may cut this down a bit.
-- Jim Ramsay "Me fail English? That's unpossible!"
_________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
