Re: [Exim] Matching bounce recipients against sender hashes …

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Christian Balzer
Date:  
À: exim-users
Sujet: Re: [Exim] Matching bounce recipients against sender hashes -- solved!
Tor wrote:

>Instead, I set "return_path" to:
>    <sender>=<receiver>=<receiver.domain>=<hmac/md5
>signature>@<sender.domain>

>


This will do the trick with greylisting... But there is a but coming...

But unless you can make sure that those tokens are never exposed,
you are going to become vulnerable again (just look for spam that is
addressed to email/usenet message IDs).
Possible/likely leaks are mailing list archives and even more in this
day and age compromised machines of people you communicated with.
Given the the increasingly close proximity of spammers and worm/virus
authors a rather plausible scenario.

OTOH, this is really as good as it gets w/o shooting yourself in the
(plain) greylisted foot.

Regards,

Christian Balzer
--
Christian Balzer        Network/Systems Engineer                NOC
chibi@???       Global OnLine Japan/Fusion Network Services
http://www.gol.com/