I wrote a small text file I now send to people who bounce mail to the header
sender (system bounce or autoresponder).
http://marc.merlins.org/netrants/autoresponders.txt
(feel free to steal it and improve it, as well as fix it if necessary)
Someone asked me:
----------------------------------------------------------------------------
> By sending bounces/autoreplies to the header From, you are:
> - Violating Email RFCs
Could you provide a citation for this claim if you have a chance? I've
never seen anything in the e-mail RFCs that dictate the behavior of
vacation messages and similar autoresponses, only bounces and delivery
notifications which are a different class of message altogether.
----------------------------------------------------------------------------
I see bounces as any other type of automatically generated answers, and it's
seems obvious to me that they should go to the envelope from, but does
anyone have an actual pointer that actually defines this?
BTW, he goes on to say:
----------------------------------------------------------------------------
We currently apply a wide variety of heuristics for our autoresponder: we
don't reply to messages that don't contain the user's e-mail address in
the To or Cc header, we don't reply to Precedence: bulk or Precedence:
junk messages, we don't reply to messages from owner-*, postmaster,
mailer-daemon, and other similar administrative addresses, and so forth.
But if the message passes all of those heuristics, we *do* reply to the
Reply-To or From address, not the envelope sender.
The reason for this is that autoresponses are intended for humans to read
(we use the same system to implement automatic responses to various
administrative addresses, not just for vacation responses) and the number
of people with misconfigured envelope senders pointing to addresses that
will just bounce or which are never read is rather staggering. It was a
trade-off that I made consciously when writing the code, and thought about
for a while.
I could be convinced that I made the wrong choice, and I'd be interested
to hear you elaborate on this.
----------------------------------------------------------------------------
What he says makes some sense considering the imperfect internet we live in
(but of course, with sender_verify_hosts_callback, his problem is kind of a
non issue for me)
Thanks,
Marc
--
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page:
http://marc.merlins.org/ | Finger marc_f@??? for PGP key
