RE: [exim] a large number of domains fronted by Exim are ref…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Rick Cooper
Date:  
À: Exim User's Mailing List
Sujet: RE: [exim] a large number of domains fronted by Exim are refusingbounces...


> -----Original Message-----
> From: exim-users-bounces@??? [mailto:exim-users-bounces@exim.org]On
> Behalf Of Greg A. Woods
> Sent: Saturday, June 25, 2005 2:00 AM
> To: Ian FREISLICH
> Cc: Exim User's Mailing List
> Subject: Re: [exim] a large number of domains fronted by Exim are
> refusing bounces...
>
>

[...]

> Like I said, if you think blocking SMTP transactions simply because they
> arrive with an empty return path is the solution to any problem then
> you're using the wrong protocol from the get go.
>


I have watched this thread and I believe pretty much everyone would agree
with this statement if it accurately reflected your opinion but, from what I
see, it does not.

in practice anyone with an deny ACL that stated

deny if nullsender

is very, very broken. However your practical examples always seem to include
both a left and right hand portion of an equation. "deny if nullsender and
recipient is specific" is not rejecting simply because they arrive with an
empty return path, it's because they arrive with an empty return path and
they meet other criteria as well.

I have several addresses that never, ever, send mail. In fact I have an ACL
that will catch any attempt for one of these accounts *to* send mail. I fail
to see how there could be a valid reason for any system to send mail to one
of these accounts with a null sender.

And then there are those systems that send "you sent a virus" bounces out
from a null sender. If a system sends a message from null with a subject of
"our antivirus... or your mail contained a virus, or virus detected,..." why
should I accept it? One thing you know about viruses today is the sender is
forged. I had a user just last month that was in several address books in a
large marketing firm (she is a media buyer) and one morning she started
getting about 1000 bounces an hour stating she had sent a virus. Now,
granted, most came from addresses of the type mailer_daemon or
mail_subsystem but 100s came from null senders and many came with the entire
virus attached. Why should I accept these mails, especially when the
recipient was panicked when they first began arriving before I set an ACL to
trap and deny during SMTP? What is the point of using one millisecond more
resource to pass through a filter or other processing when I know at DATA I
don't want this?

You stated there are many legitimate reasons why an account that *never*
sends mail should receive mail from null sender, name three (that's only
several, not many, so it should be easy)

Rick



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.