Re: [exim] Blocking non-authenticated senders

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Peter Velan
Date:  
À: Exim Users Mailing List
Sujet: Re: [exim] Blocking non-authenticated senders
am 22.02.2007 15:48 schrieb Ian Eiloart:
>
> --On 22 February 2007 12:26:02 +0000 Jethro R Binks
> <jethro.binks@???> wrote:
>
>> On Wed, 21 Feb 2007, Peter Velan wrote:
>>
>>> -- One message was triggered from a news website, where one user
>>> informed about an interesting article. The email-system of this website
>>> placed the email-address of the informing guy in envelope-from.
>>
>> The last time I thought about this setting, which would have been around
>> 2000 or so, it was quite common for "greetings card" sites and similar to
>> do this too. They were quite in-vogue at the time, I've no idea about
>> now. As a general comment, there are probably many other cases that you
>> haven't observed, so:
>>
>>> Conclusion: Its not worth the hassle!
>>
>> I agree with that conclusion, and one benefit of your investigation
>> provides the Exim users archives with a more recent discussion on the
>> matter.
>>
>>
>
> I disagree. [...]
>
> The policy caused some consternation at first, but our users soon learned
> to use our MSA servers to send email. We don't really care about greeting
> card sites, and the few other sites that do similar such stupid things have
> simply been told to use their own email domains to send email.


Well, this was a single event here (in a period of over 400 days)! But,
as I wrote previously, the more serious reason, not to implement my
original idea was this:

| -- A handfull of my users is sending from email-providers which
| freely allow setting of an arbitrary envelope-from.


I have to tell these users (above, "a handfull" means 3 users) not to
use the webmail interface provided by the foreign providers. On the
other hand, we have a functional webmail interface in place, so it
should not be too hard, to convince these 3 dissenters ;-)

Also, I don't see a need to accept messages targeted to my postmaster@
accounts with an envelope-from postmaster@mydomains. Will I break a
RFC-rule with this blocking?

Peter