Re: [Exim] Mail Loop Question

Hi Dennis, on Fri, 03 Oct 2003 13:57:47 -0400 you wrote:

> I have a user who is forwarding their
> work email to their email on our system. They received a piece of spam
> at work with that nasty V word in the subject line. I happen to have
> the default regex in exiscan rejecting such messages during the DATA
> phase of receipt.
> The problem seems to be that the sending server sends the error back to
> the user's work email which is forwarded to us, but that word is still
> in the error message, so our server rejects it. I'm not exactly sure
> what ultimately happens to this email.

Let's call the original mail's envelope sender 'A' and the original mail's
envelope recipient 'B'. The destination address on your system is C. Your
user's work mailserver is 'WORK'.

WORK gets the original mail (with env sender A, env recip B) and tries to
send it to an envelope receipient C on your server with an envelope sender
of A. You reject it. WORK should generate a bounce message to the envelope
sender (A).

Now, what may have happened is that the stupid spammer forged the envelope
sender to be the same as the envelope recipient. (i.e. A=B). In this case,
WORK will expand the recipient of the bounce (A) to C and should try to
deliver the bounce to your server, with a null envelope sender and an
envelope recipient C. When you again reject it, WORK should basically not
do any more with the message; it should 'freeze' it, discard it or somehow
bring it to the attention of a local administrator.

Conclusions:

- It's not your problem :)

- This situation, although annoying, should not cause mail loops if WORK
is correctly configured.


Tim