Author: Renaud Allard Date: To: Marc Perkel CC: exim-users Subject: Re: [exim] Bounce Address Tag Validation (BATV)
On 2/10/09 10:35 PM, Marc Perkel wrote: > One trick that comes to mind. I can track domains where the local_part
> has an = in it. Then once a see one I can perhaps expect all email from
> that domain to have the = in it and reject spoofers that lack the = ....
>
> Thoughts?
>
You can make any assumption you want, yet, unless you have any
confirmation, it will still be an assumption.
One example, one of your clients uses a mailing list, which uses the =
sign as a separator for bounce detection, yet they don't use any batv
for normal mail address.
Another example, look at the headers of my mail, I use some kind of
BATV, but I use / as separator, would your rule be useful if I was one
of your clients?
Yet another example, one of you clients sometimes use the = sign in
normal generic email addresses.
All of this to say, ask your clients first. Your trick may be good, but
ask for confirmation, or lose your client because your quota for false
positives has been exceeded.