Re: [Exim] New AOL Mailer for forgery filter (for Exim 4.x)

Author: James P. Roberts
Date:  
To: exim-users, Giuliano Gavazzi
Subject: Re: [Exim] New AOL Mailer for forgery filter (for Exim 4.x)
<snip>
> >From the 4.x online manual:
> >     sender_domains = <domain list>
> >     This condition tests the domain of the sender of the message against
> >the given domain list.
> >
> >What exactly defines the "domain of the sender of the message"? Is it a
<snip>
>
> no, as it would not be available at the RCPT phase. It is the domain
> of the argument of the MAIL command (MAIL FROM: user@domain)


OH! Thanks for clarifying that! And that is whatever the user enters
in their email client software, right?

>

<snip>
>
> if they are not setting their return address (the argument of the
> MAIL FROM:) to an aol address, then they will not be caught by one
> of these "AOL forgery" filters).


Ah. I instruct them to set their email address (in their email client)
to match whatever email address I am hosting for them. So there should
be no problem. (Yay!)

<snip>
> >
> >Return-path: <lransom@???>
> >Envelope-to: punster@???
> >Delivery-date: Wed, 18 Sep 2002 08:27:05 -0400
> >Received: from [63.121.118.244] (helo=hppav)
> > by puns01.punsterproductions.com with asmtp (TLSv1:RC4-MD5:128)
>
> this is the crucial point, if I had received that email (and it had
> not been authenticated) I would have rejected it.
> This is a point that many administrators take lightly, the host must
> identify itself with its hostname, not just a made up name.


I am not too picky about what the customer's machine advertises itself
as. Most of my customers are not very computer savvy. And, for all I
know, they may borrow someone else's machine, or buy a new one, or play
around with their settings... I'm sure you get my point. Instead, I
depend upon TLS and AUTH. As a combination, it's about as safe as I can
reasonably make it, to make sure I am only relaying for actual
customers, and not forgers.

On the other hand, as you say, without authentication...

>
> I imagine your clients will look from outside as:
>
> Received: from h-64-105-159-234.phlapafg.covad.net ([64.105.159.234]
> helo=puns01.punsterproductions.com)
> by exim-colo-01.whoc.theplanet.co.uk with esmtp (Exim 3.34 #5)
>
> This is acceptable to me as nslookup puns01.punsterproductions.com
> gives 64.105.159.234.
>


That is about right. Although, I am in the process of beating Covad
about the head to get my reverse DNS set correctly. Wish me luck!

> Anyway, my opinion is that all these DATA phase recipes leave a lot
> to be desired (they do not save bandwidth for one), and, as you can
> see from my email on DATA deny and hotmail of yesterday, can give
> some dodgy delivery failure messages with some dodgy servers...
>
> Giuliano


Quite so. Always good to rub elbows with someone that appreciates how
precious bandwidth is. ;)

Jim Roberts
Punster Productions, Inc.
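
The HELO policy discussed in this thread, as an added example that is not part of the original messages: it parses the two Received headers quoted above, accepts an authenticated session whatever its HELO name, and otherwise requires the HELO name to resolve to the connecting IP. The helper name `helo_verdict`, the verdict strings and the offline lookup table are assumptions made for illustration; a real check would run at SMTP time against live DNS.

```python
import re

# Received headers quoted in the thread, continuation lines joined.
SAMPLES = [
    "from [63.121.118.244] (helo=hppav) by puns01.punsterproductions.com "
    "with asmtp (TLSv1:RC4-MD5:128)",
    "from h-64-105-159-234.phlapafg.covad.net ([64.105.159.234] "
    "helo=puns01.punsterproductions.com) "
    "by exim-colo-01.whoc.theplanet.co.uk with esmtp (Exim 3.34 #5)",
]

# Constructed stand-in for a DNS lookup so the example runs offline; its one
# entry is the nslookup result stated in the thread.
FORWARD_DNS = {"puns01.punsterproductions.com": {"64.105.159.234"}}

# Assumption: "asmtp" (the protocol shown in the thread) marks an AUTH session.
AUTH_PROTOCOLS = {"asmtp"}

# Matches both layouts seen above: "from [ip] (helo=x)" and
# "from rdns ([ip] helo=x)", then the protocol after "with".
RECEIVED_RE = re.compile(
    r"from\s+(?:(?P<rdns>[\w.-]+)\s+\()?\[(?P<ip>[\d.]+)\]\s*\(?"
    r"helo=(?P<helo>[\w.-]+)\).*?\bwith\s+(?P<proto>\w+)",
    re.S,
)


def helo_verdict(received, resolve=FORWARD_DNS.get):
    """Apply the thread's policy to one Received header (hypothetical helper)."""
    m = RECEIVED_RE.search(received)
    if m is None:
        return "unparsed"
    # Authenticated customers may announce any HELO name.
    if m["proto"].lower() in AUTH_PROTOCOLS:
        return "accept: authenticated"
    # Unauthenticated peers must use a HELO name that resolves to their IP.
    addrs = resolve(m["helo"].lower()) or set()
    if m["ip"] in addrs:
        return "accept: helo resolves to peer"
    return "reject: helo does not resolve to peer"


if __name__ == "__main__":
    for header in SAMPLES:
        print(helo_verdict(header))
```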