Re: [Exim] .forward files and spam counterfeits

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Alan J. Flavell
Date:  
À: Exim users list
Sujet: Re: [Exim] .forward files and spam counterfeits
On Thu, 27 Nov 2003, Pat Lashley wrote:

> My first thought would be to ensure that there's something unique to
> your site in the 5xx rejection response; then set up an ACL for null-
> sender messages, with a condition that does a match on $message_body
> looking for your rejection notice.


Yes, I'm sure something like that is going to be a component of a
solution.

But I'm hurting my head to be sure that it won't end up rejecting
something bona fide.

Suppose, for example, that one of our users was the owner of a mailing
list at a remote mailing list server. Indeed, we happen to know a
couple of them who are, and there could well be others.

Now consider the scenario where some other address at our site is
involved in an incident where we reject a mail from the list: the
rejection would then be notified, and rightly so, to the mailing list
owner. Isn't there a risk that we'll recognise our own rejection
notice tag in there, and refuse the rejection? That would clearly be
wrong, but I don't know how to reliably distinguish the various
situations that can arise.

This is why I was sort-of hoping someone else had actually solved this
kind of problem in practice already and would be willing to pass on
their advice and any got'chas.

[and thanks for the other suggestions...]