Re: [exim] Any Joe Job advice?

Top Page
This message is part of the following thread:
M---+\the complete thread tree sorted by date
M...MMMarilyn Davis at <-
MM+\MGray, Richard at ->
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: Mark Moseley
CC: exim-users
Subject: Re: [exim] Any Joe Job advice?
On Mon, 2005-04-11 at 18:03 -0700, Mark Moseley wrote:
> Anybody have any tips on how to mitigate this, externally? I'm
> completely at a loss. I can't possibly contact all of the thousands of
> companies bouncing mail to us. Is turning on SPF our only hope (and
> even then, does anyone expect that it'd help more than maybe 10-20%?)?

SPF won't help much, as you observed. Because of SPF's brokenness, there
aren't that many people who are willing to reject mail for an SPF
failure either, just as there are many people who are rightly very
reluctant to publish with '-all'. You'd do best to abandon SPF
altogether.

For rejecting bounces to joe-jobs, use SES or BATV. If you were using
SPF, presumably your clients are already using SMTP AUTH, and you seem
to imply you're already using SRS -- so you can just SRS-encode your
_own_ reverse-paths on the way out, then reject all bounces to the
original 'raw' addresses.

--
dwmw2




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] basic questionRe: [exim] postfix conversion to exim (please put me out of my misery and tell me what I am doing wrong)->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)