RE: [exim] Supressing bounce messages

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Renaud Allard
Ημερομηνία:  
Προς: exim-users
Υ/ο: fv+exim
Αντικείμενο: RE: [exim] Supressing bounce messages
Of course you can, have a look at:
http://slett.net/spam-filtering-for-mx/collateral.html#signedsender
and:
http://slett.net/spam-filtering-for-mx/exim-sign.html

What I do is using signed envelope sender and accepting bounces for those ones. Bounces addressed to real users but not signed are also accepted but they are just eaten by a blackhole acl.

I think Tony Finch has also done an implementation, but I cannot find back the exact url.


On Tue, 28 Jun 2005 09:23:52 +0100
exim-users-request@??? wrote:

> On 27 Jun 2005 at 18:07, Mark Smith wrote about
>     "RE: [exim] Supressing bounce messag":

>
> |...
> | (I wrote:)
> | > OK, then how about addressing the problem at its source? You
> | > shouldn't be generating bounces to external senders in the
> | > first place. Undeliverable mail should be rejected at SMTP time.
> |
> | We don't generate bounces to external senders, only local senders, and we
> | only do that because some MUAs don't cope well with rejections at SMTP time.
>
> Right. Good.
>
> | The situation I'm trying to address is the unlikely event that someone on
> | our system (a local user or a hacker) starts Joe-Jobbing somebody. We don't
> | want to send misdirected bounces to the addresses that are being spoofed.
>
> But if all the hacker's victim addresses are valid, that's OK? ;)
>
> Can you prohibit spoofed senders (at least spoofed external senders)
> instead?
>
> - Fred



--
http://www.octools.com

.O.
..O
OOO

PGP key: http://www.llorien.org/gnupg/key.pub