Re: [exim] Heads up?

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [exim] Heads up?
On Wed, 23 Mar 2005, David Woodhouse wrote:

> That would be implicit in your freedom to implement SES or BATV. If
> you don't ever send mail from the address which is being forged, you
> don't need to accept bounces (or challenges) to that address either.


As far as bounces (well, anything with <> as envelope sender[1]) are
concerned, we have some situations like that.

One class is represented by a few obsolescent domains, which we're
still accepting as addressees on incoming mail, but which are no
longer used on outgoing mail and are, unfortunately, mercilessly faked
by spammers. (These addresses also get heavily spammed, but that's
another story...)

Another class are role aliases of a kind which we don't actually use
as sender addresses, but which are used as first-point-of-contact
addresses for enquiries (and normally are forwarded to a few folks who
take turns to answer). Here again the localparts tend to be ones that
are faked as senders by spammers, and thus get quite a body of
collateral bounces aimed at them.

It seems to me quite reasonable to respond to these kinds of bounces
with a 5xx saying that this address does not send mail and therefore
bounces to it are rejected, in just an analogous way as for localparts
which don't exist and thus get 5xx unknown user response to the
offered "bounce". Comments?

all the best

[1] I've noticed a number of cases recently where "newsletters" and
other kinds of bulk mail are sent to our users with <> as their
envelope sender: I'm inclined to say "faked as delivery status
reports" and rate it as abuse, or am I being over-strict? Most
recently, a couple with their from: header reading reading -

From: Apple Developer Connection <noreply@???>

(And this turned out on enquiry to actually be something which our
user wanted!)