Autor: John W. Baxter Data: Para: exim-users Asunto: Re: [exim] Alterating / Intercepting bounce messages
On 10/30/2004 5:48, "Chris Edwards" <chris@???> wrote:
> And John W. Baxter wrote:
>
> | Look into SRS (which is what was supposed to fix the forwarding problem for
> | SPF). You encode the original return path into a verifiable return path you
> | generate...when the bounce comes you verify that the purported target
> | address of the bounce came from your server and if so extract the original
> | return path part.
>
> I think you've lost me there. Once the MX has accepted a mail to an
> unknown user, then it's too late to do anything useful and the old dilemma
> applies. Silently drop the mail (breaking reliability) ? Or spam the
> forged sender with a bounce ? The former (drop) is more acceptable as it
> only impacts oneself and one's own correspondents, not the whole of the
> net.
It does help solve the problem Mark presented (it allows him to get the
bounce and to pass it on to its innocent victim). We've already covered, I
think, the idea that that is not a useful problem to solve.