Author: Jethro R Binks Date: To: exim-users Subject: Re: [exim] suggestion for those implementing ACLs to suppress
backscatter bounces
On Wed, 2 Aug 2006, John Horne wrote:
> On Wed, 2006-08-02 at 17:45 +0100, Jeremy Harris wrote:
> > Chris Lightfoot wrote:
> >
> > > No valid bounce will have >1 recipient
> >
> > I think there are cases (mailinglists?) where that isn't so.
> >
> Yes. The RFC actual states that more than one recipient is possible (and
> hence allowed). I can't remember which RFC it was, I would have to dig
> it out again (possibly 2821), but I was reading about this very problem
> a week or two ago.
While that's true, is it a common occurrence? Does anyone have any feel
for the risk of rejecting on this condition?
I have seen this discussion at various times in the past, but I've never
really been left with the impression that the circumstance was so common I
needed to worry about it. Maybe others know differently.
I once kept this snippet, but reading it now it doesn't make a lot of
sense to me now. Tony may have been one of the protaganists in this case:
> >> If email is sent using a role address which aliases to more than one
> >> person, any message that bounces will have the bounce alias-expanded to
> >> have more than one recipient.
> >
> > A genuine bounce message would be sent to the envelope sender, just one
> > address. My acl is checking the number of RCPT TO commands, not the
> > number of recipients after alias expansion.
>
> Of course it depends on the details of message submission and routing
> whether my scenario is a problem. For example, what if the alias is
> expanded off-site?
Jethro.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK
