Author: David Woodhouse Date: To: Mark Moseley CC: exim-users Subject: Re: [exim] Any Joe Job advice?
On Mon, 2005-04-11 at 18:03 -0700, Mark Moseley wrote: > Anybody have any tips on how to mitigate this, externally? I'm
> completely at a loss. I can't possibly contact all of the thousands of
> companies bouncing mail to us. Is turning on SPF our only hope (and
> even then, does anyone expect that it'd help more than maybe 10-20%?)?
SPF won't help much, as you observed. Because of SPF's brokenness, there
aren't that many people who are willing to reject mail for an SPF
failure either, just as there are many people who are rightly very
reluctant to publish with '-all'. You'd do best to abandon SPF
altogether.
For rejecting bounces to joe-jobs, use SES or BATV. If you were using
SPF, presumably your clients are already using SMTP AUTH, and you seem
to imply you're already using SRS -- so you can just SRS-encode your
_own_ reverse-paths on the way out, then reject all bounces to the
original 'raw' addresses.