Re: [exim] Implementing BATV

Top Page
Delete this message
Reply to this message
Author: Mike Cardwell
Date:  
To: exim-users
Subject: Re: [exim] Implementing BATV
On 30/11/2010 08:05, Leon Liebenberg wrote:

> I am running Exim 4.72 and we are doing callout verification. Mail
> being received that has been tagged with BATV is being rejected on our
> side because of the callouts.


> I would like your suggestions on what is the best way to implement BATV
> on exim so that it can strip off the BATV tags and proceed with the
> sender verification. I do not want to tag messages leaving our domain
> with BATV.


I don't understand what is failing. If your sender callouts are using a
null sender and the BATV "signed" email address as recipient, then it
should just work... If you were to "roll back" the batv signing, then
the sender callout should not work...

If an email comes in from:

mike+batv-sig@???

Then you want to do a callout with a sender address of <> and a
recipient address of <mike+batv-sig@???>. If you do it with
<mike@???> instead, then their BATV filtering will come into
play and will notice an incoming "bounce" email to a non-BATV signed
address and will reject it.

It is not possible to reliably reverse a BATV signed email, because
there is no real standard way of performing the signing in the first
place. Anyone can come up with their own custom method if they choose
to. iirc, even the latest versions of Exim do it differently to earlier
versions. I've not used BATV for a couple of years now though.

--
Mike Cardwell https://secure.grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F