RE: [exim] Any Joe Job advice?

Pàgina inicial
Delete this message
Reply to this message
Autor: David Woodhouse
Data:  
A: Gray, Richard
CC: exim-users, Mark Moseley
Assumptes nous: Re: [exim] BATV vs callout on header from?
Assumpte: RE: [exim] Any Joe Job advice?
On Tue, 2005-04-12 at 09:06 +0100, Gray, Richard wrote:
>
> I was wondering, how does something like BATV affect the end users of
> mail Services. Could I implement this at a server level without my users
> noticing That their outbound envelopes were being rewritten?
>
> Is it even a good idea to do this? BATV seems like the simplest, and
> least Anti-social way of guaranteeing that a message is a legitimate bounce,
> but Surely if this was the case it would already have much wider acceptance?
> What Are the the reasons not to use it?


For a start it means your rempte users _MUST_ use SMTP AUTH to go
through your servers (or perhaps generate their own BATV tags, but going
through your servers is easier.

It means that occasionally a broken and dangerous autoresponder which
replies with a non-bounce message xor to the From: header address
instead of the reverse-path will fail to get its important message
through.

There are also a small number of recipients (one ezmlm mailing list
being the only such recipient that I've encountered in practice) which
filter incoming mail by the reverse-path; when BATV causes the reverse-
path to be different every time, they get unhappy. There are solutions
to this -- I think Tony can probably offer more detail of his current
solution, since I haven't found it enough of a problem to bother with.

You also have to make sure that if you forward mail from other addresses
to the BATV-protected address, you handle bounces appropriately --
either by observing that the forwarding address is never used in a
reverse-path anyway so it doesn't matter, or by forwarding to an
unprotected local address instead of the BATV-protected address.

I've been doing this on my own outgoing mail as well as a handful of
other users' addresses for about a year now; I've have no real problems
with it. YMMV, of course.

--
dwmw2