On Thu, Jun 10, 2004 at 02:11:20AM +0100, Alan J. Flavell wrote:
> The key clue, in most cases, is that the counterfeiters presented HELO
> domains that either say aol.com, or else they contain one of our
> domains, despite the fact that the calling IP indicates that their
> presented HELO domain has no relation whatever to either AOL nor us.
and, iirc, RFC says you shouldn't reject because of HELO data :-(
> We *know* only too well that the spammers are continually faking our
> users as senders - of spam and of viruses - we really don't need the
> hundreds of bogus rejections per day to remind us of that, and we're
> refusing the majority of them automatically. But AOL are still making
> a nuisance of themselves.
I've often wondered why we (as a community) don't have different rules
for dealing with bounces, than real mail.
I'm not sure how we could do it, but make the MX generating the bounce
do some kind of check to see if:
a) the domain wants to accept bounces
b) if this particular mail should have a bounce sent based on several
criteria
--
Avleen Vig
Systems Administrator
Doing virtual domain hosting with Exim?
Check out Virtual Exim: http://silverwraith.com/vexim
(Click the banner, support development..)