Me (auj@???) said, in message
<E1ApCRs-0004xG-4Z@???>:
>
> That's a pain! It begins to look like freezing unrecognised bounces is the
> only safe option (I might have a go at that and see how bad it gets). Of
> course, if most of your bounces were from MyDoom, you'd have been OK to drop
> them anyway. I suppose that's another question... Would the bounces you
> received have contained the headers if it was the MTA that generated them
> rather than some dumb antivirus plugin? If so, the scheme still holds
> water!
>
> I think I'm going to have a bash add adding the magic tag to mails. A few
> weeks of logging the results returned would probably give an answer.
OK, I had a go at freezing on the basis of not having the tag. The vast
majority of stuff which got frozen was spam or virus bounces. So far I've
not seen a single legitimate bounce message get frozen by the software.
Unfortunately, there *is* a big gotcha - vacation messages. These have a
sender of <> and quite legitimately don't have any headers included. I guess
a bit of tinkering would let me spot most of these and let them through, but
it looks like too much work...
Cheers,
Alun.
--
Alun Jones auj@???
Systems Support, (01970) 62 2494
Information Services,
University of Wales, Aberystwyth