Re: [exim] suggestion for those implementing ACLs to suppres…

Top Page
Delete this message
Reply to this message
Author: Ian Eiloart
Date:  
To: W B Hacker, exim users
Subject: Re: [exim] suggestion for those implementing ACLs to suppress backscatter bounces


--On 4 August 2006 02:03:00 +0800 W B Hacker <wbh@???> wrote:

> Magnus Holmgren wrote:
>
>> On Wednesday 02 August 2006 18:45, Jeremy Harris took the opportunity to
>> say:
>>
>>> Chris Lightfoot wrote:
>>>
>>>> No valid bounce will have >1
>>>> recipient
>>>
>>> I think there are cases (mailinglists?) where that isn't so.
>>
>>
>> Example: I send a mail somewhere with a group alias, like
>> tech@???, as sender. It bounces. The bounce comes back,
>> tech@??? is expanded into magnus@??? and
>> chris@???, which are for some reason forwarded to
>> magnus@??? and chris@???. Voilà, a mail with
>> empty sender and multiple recipients.
>>


Damn, foiled again! See my email a few minutes ago in this thread, where I
proved that this can't happen because a return path can only contain one
address. Clearly, I didn't consider what happens to the bounce message
after it's generated.

>
> Is that seen as 'multiple recipients' on initial presentation to Exim?


Yes, if Exim is handling the "otherexample.net" domain. However, in this
rather unusual(?) case, you might expect tech@??? to be monitored
directly, and not reliant on the otherexample.net domain functioning.
Perhaps it's time example.com got it's own IMAP server, and chris and
magnus get themselves a shared mailbox.

> The expansion could (should?) occur later, so 'not necessarily'.


But possibly.

> w/r Mailing Lists - to the extent that an MLM is intelligently
> configured, any 'proper' bounces should come back in a format that the
> MTA simply hands-off to the MLM for handling.


So, we're not really talking about something as sophisticated as a Mailman
list. Of course, this is a good argument for using a proper MLM, but if
we're talking about a system adminstration alias, we might want it to
operate properly even when the MLM isn't.

> Nothing is without some downside, but so long as spammers do what all too
> many of them do, limiting bounces to a single recipient still seems to
> do more good than harm.
>
>
> Bill




--
Ian Eiloart
IT Services, University of Sussex