On 17 September 2002, Dr Andrew C Aitchison said:
> Do you not find that this blocks genuine messages which are sent from
> your system to an external address and then redirected back to you,
> eg by an alias at the far end, or through a mailing list (one which
> doesn't change the from address to something like mail-list-admin) ?
Yes, it did -- so I added another ACL statement to worm around that.
This is of course *totally* site-specific to python.org, so let me
explain the context:
* mail.python.org exists mainly to serve mailing lists
* a handful of people have personal @python.org addresses and use them
* one of these people also has an address, call it user@???, that just forwards to his python.org address
* user@??? is subscribed to (say) foo-list@???
* so when foo-list sends mail to user@???, example.net's outgoing MTA turns around and presents the message right back to mail.python.org, with an envelope sender of foo-list-admin@???.
So, before my "forged sender address" ACL statement, I have a statement to accept such traffic, roughly:

  accept hosts = mail.example.net
         senders = *-admin@??? : ^.*-bounces@python\.org
         domains = +local_domains
         verify = sender
         verify = recipient

Interesting points here:
* the "*-admin" is for Mailman 2.0 lists, and ".*-bounces" is for Mailman 2.1 lists (there are some of each)
* checking the domain and verifying sender and recipient is necessary because this "accept" is fairly early in my RCPT ACL -- it comes before anti-relaying, sender verification, and recipient verification. So I have to duplicate those checks here to prevent being bamboozled by e.g. an envelope sender bogus-admin@???
You really can have a lot of fun with ACLs...
Greg
--
Greg Ward <gward@???> http://www.gerg.ca/
Outside of a dog, a book is man's best friend.
Inside of a dog, it's too dark to read.
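The ordering problem Greg describes, as an added illustration that is not part of the original thread: a toy model of an Exim RCPT ACL walked top to bottom, comparing an early "accept" that trusts the Mailman sender pattern alone against one that also checks domains and verifies sender and recipient. Exim's real matching is far richer; the python.org domain, the host name, the bogus sender and the address lists here are constructed stand-ins for the redacted values above.

```python
import re
from fnmatch import fnmatchcase

# Constructed stand-ins for the lists Exim would consult (assumptions).
LOCAL_DOMAINS = {"python.org"}
LOCAL_USERS = {"user@python.org"}               # passes verify = recipient
KNOWN_SENDERS = {"foo-list-admin@python.org"}   # passes verify = sender

def sender_matches(pattern, sender):
    """Exim-style list item: leading '^' means regex, otherwise a '*' glob."""
    if pattern.startswith("^"):
        return re.match(pattern, sender) is not None
    return fnmatchcase(sender, pattern)

def statement_matches(stmt, msg):
    """Every condition on a verb must hold for that verb to fire."""
    c = stmt["conditions"]
    if "hosts" in c and msg["host"] not in c["hosts"]:
        return False
    if "senders" in c and not any(sender_matches(p, msg["sender"]) for p in c["senders"]):
        return False
    if "domains" in c and msg["rcpt"].split("@")[1] not in c["domains"]:
        return False
    if c.get("verify_sender") and msg["sender"] not in KNOWN_SENDERS:
        return False
    if c.get("verify_recipient") and msg["rcpt"] not in LOCAL_USERS:
        return False
    return True

def run_rcpt_acl(acl, msg):
    """First matching verb decides; falling off the end is a deny."""
    for stmt in acl:
        if statement_matches(stmt, msg):
            return stmt["verb"]
    return "deny"

MAILMAN_SENDERS = ["*-admin@python.org", r"^.*-bounces@python\.org"]
# Early accept that only trusts host + sender pattern (the weak form).
LOOSE_ACCEPT = {"verb": "accept", "conditions": {
    "hosts": {"mail.example.net"}, "senders": MAILMAN_SENDERS}}
# The shape described in the message: same, plus domain and verify checks.
STRICT_ACCEPT = {"verb": "accept", "conditions": {
    "hosts": {"mail.example.net"}, "senders": MAILMAN_SENDERS,
    "domains": LOCAL_DOMAINS, "verify_sender": True, "verify_recipient": True}}
# Later anti-relay statement: local, existing recipients only.
LOCAL_DELIVERY = {"verb": "accept", "conditions": {
    "domains": LOCAL_DOMAINS, "verify_recipient": True}}
LOOSE_ACL = [LOOSE_ACCEPT, LOCAL_DELIVERY]
STRICT_ACL = [STRICT_ACCEPT, LOCAL_DELIVERY]

# Constructed envelopes: a genuine redirected list post, and a forged -admin sender
# aimed at a non-local recipient (a relay attempt through the loose accept).
BOUNCE = {"host": "mail.example.net", "sender": "foo-list-admin@python.org", "rcpt": "user@python.org"}
RELAY_ATTEMPT = {"host": "mail.example.net", "sender": "bogus-admin@python.org", "rcpt": "someone@elsewhere.example"}
```

With the loose accept first, the forged envelope is accepted for a non-local recipient before the anti-relay statement is ever reached; the strict version falls through and is denied.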