On Fri, 23 May 1997, Richard Gilbert wrote:
> However I noticed in the rejectlog an example where a non-delivery message
> (from Mailer-Daemon@???) was rejected.
Non-delivery messages that conform to RFC 821 should be sent out using
the SMTP command
MAIL FROM:<>
This is always permitted; Exim cannot prevent it. This is in fact one of
the problems with some kinds of spam that masquerades as a delivery
failure report. If the remote host was sending out
MAIL FROM:<Mailer-Daemon@???>
then it is broken (a) because it isn't following RFC 821 and (b) because
SUNofMail.ernsty.co.uk is not DNS registered. You have every right to
complain to the postmaster at whatever site it was that sent it.
> More generally, perhaps I should be liberal in what I
> accept from the outside world and only apply sender verification to mail
> from hosts in my own domain. I am sure there must be a way of doing this
> but I cannot find it in the manual.
Hmm. Most people want precisely the opposite! The options
sender_verify_except_{hosts,nets} give you that. Certainly I am not
interested in receiving messages that have invalid sender addresses. I
am a renegade in believing that the Internet "be liberal in what you
accept" philosophy has led to no end of problems.
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714