Re: [exim] Exim and SRS in ACL?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Sander Smeenk
Date:  
À: exim-users
Sujet: Re: [exim] Exim and SRS in ACL?
Quoting Chris Lightfoot (chris@???):

> Are people seeing a lot of SRS in the wild? A quick census
> of my mail suggests <0.1% SRS for both real mail and spam.


I implemented it after my domain was abused in a joejob once. I got lots
of bounces for messages i really didn't send.

Mine look like this:

SRS0+5fa35e833dc816e69293+362+freshdot.net+ssmeenk@???

SRS0 being just a 'tag'. The hash is built by combining a secret key
with some characteristics of the email. The 362 is a date-stamp by which
this 'token' can be dated, and the original address follows after it.

I once had 'mxhost-timestamp' prefixed on the domain-part
(dot-135301.srs.freshdot.net), but that broke many greylisting setups.

I'm still very happy with the extra layer of 'noise protection'. It
still catches ~10 bounces a day :) Only had some minor problems with
flakey mailinglists and funky callout setups for which i have made
certain 'whitelists'.

Thing is, you can only implement it on a domain you have absolute full
control over the incoming and outgoing mailservers. Or else it's useless
/ will break very hard.

Regards,
Sander.
--
| Intaxication: Euphoria at getting a tax refund, which lasts until you
| realize it was your money to start with.
| 1024D/08CEC94D - 34B3 3314 B146 E13C 70C8 9BDB D463 7E41 08CE C94D