On Sat, 31 Jan 2004, Fred Viles wrote:
> On 31 Jan 2004 at 12:31, Alan J. Flavell wrote about
> "Re: [Exim] Temporary defer on callo":
> |...
> | beware the quick-fix! Those BVAs are a pain in the neck, but there
> | has to be a better way to deal with them. Any chance of a DNSRBL
> | listing the senders of BVAs, I wonder?
>
> If there were, I wouldn't think it would be a good idea to use it for
> blocking. ISTM that there is a much higher than random chance that
> the BVA sender is a host from which you normally want to accept mail.
I was thinking of using them as a guideline for specifically rejecting
bounces, actually, not for rejecting mails as such.
There's some BVA-sending software that uses non-null envelope senders,
such as eSafe@???, Virus-Check@??? and so on (I
don't know why I'm not using their real domains in this mail,
actually!). Those envelope senders go into a special blacklist here.
But BVAs with null envelope senders need some other handle to keep
them out: yes, there are spamassassin recipes available, but if we
keep getting a torrent of 33-35kB reports that have to be fed to
spamassassin before we reject them, it could get kind-of busy.
cheers
By the way, a possibly dumb question: can a spamassassin recipe
actually distinguish whether it's dealing with a bounce or with a
non-null envelope sender? One of the problems, where virus warnings
aren't evident from the Subject header but only in the body of the
report, is that we run the risk of spamassassin stifling any attempt
to discuss the warnings or their SA recipes, believing the discussion
to be a bogus virus alert ;-))
