On Tue, 2004-07-13 at 16:20 +0900, Christian Balzer wrote:
> David Woodhouse wrote:
> >On Mon, 2004-07-12 at 12:55 +0000, Peter Bowyer wrote:
> >> Some people here have discussed an alternative solution which drops a
> >> cryptographically-derived cookie in the return-path of all outgoing mail,
> >> and on the incoming side you reject null-sender mail which arrives to the
> >> 'bare' address, and verify the cookie otherwise.
> >
> >Sample implementation at http://www.infradead.org/rpr.html
> >
> Nice one, but it breaks (like all schemes with timestamps in them)
> greylisting.
Yeah. I'd like to set the errors_to path _once_ rather than repeatedly
at each delivery attempt. I don't think Exim gives me a way to do that
though.
I've actually taken out the diagnostic timestamps in the domain part, so
it changes only once a day -- since retry attempts will happen more
frequently than that, it should work OK with greylisting. What I'll do
when I get a chance to play is make it base the signature on the local
queue ID rather than a timestamp. That way it'll be the same for retried
delivery attempts.
> The envelope sender signature design (esp. with stronger encryption as
> promised here yesterday) at http://slett.net/spam-filtering-for-mx/
> solves what the OP asked for with the least amount of collateral damage
> I've seen so far for these schemes.
>- 2.3.3.4. Accept only one recipient for DSNs
>- Legitimate Delivery Status Notifications should be sent to only one
>- recipient address - the originator of the original message that
>- triggered the notification. You can drop the connection if if the
>- Envelope Sender address is empty, but there are more recipients than
>- one.
This is wrong.
--
dwmw2
