Author: David Woodhouse Date: To: Christopher Meadors CC: exim-users Subject: Re: [exim] BATV and sender verification.
On Wed, 2007-12-12 at 09:32 -0500, Christopher Meadors wrote: > On Wed, 2007-12-12 at 10:36 +0000, Mike Cardwell wrote:
>
> > When I set up BATV on my own system I was ultra-paranoid and concerned
> > that legitimate queries against my server to check the validity of email
> > addresses might be broken by it.
> >
> > So what I did was to restrict emails from null senders to having only
> > one recipient (defer further RCPT TO's), which is almost always the
> > case. Then I perform the BATV check in the predata ACL. That way other
> > peoples callouts aren't affected by BATV checks.
>
> Which is the same way I've done in the past.
>
> Now, what is troubling me is the recent mention of vacation messages.
> It seems that they'll be sent with a null sender, but to the header
> FROM:, not the envelope sender. That means they'll fail the BATV
> checks.
Vacation messages sent as you describe are broken. They should be sent
to the envelope sender. If they aren't, report it as mail abuse to the
upstream network provider of the offender. It's a mail loop waiting to
happen.