Re: [exim] envelope-from - best practices

Pàgina inicial
Delete this message
Reply to this message
Autor: Dave Evans
Data:  
A: Alexander Johannes
CC: exim-users
Assumpte: Re: [exim] envelope-from - best practices
On Mon, Jan 31, 2011 at 08:16:58AM +0100, Alexander Johannes wrote:
> Recently i tried to subscribe to a mailing-list, which totally went
> wrong, since the MLM tried to subscribe me with the envelope-from
> address. So the from-header of the E-Mail stated '$SYSTEMUSER@
> $DOMAIN', while the envelope-from stated something like 'prvs$HASH
> $SYSTEMUSER@$HOST'. As you can see, i'm using BATV, because i've been
> hit by backscatter in the past very badly. So even if i manage to
> subscribe somehow to the list, i will never be able to post something
> to it, because the envelope-from constantly changes due to BATV.
>
> Third: are there any other side-effects, if envelope-from and from-
> header are not matching? I assume no, because i haven't faced any
> problems regarding this in the last couple of years.
>
> Fourth: is BATV still feasible or should i consider something else?


IIRC I've been using BATV for a few years now and never had any problems with
it. Never noticed any side effects of having From != MAIL FROM, and been able
to use (mailman) mailing lists just fine.

Sounds like you have had the misfortune to encounter a broken mailing list
server. My guess is that their use of the return path in that way probably
violates some RFC, but that is /just/ a hunch.

If you get no luck fixing the broken mail list server, maybe you should add
BATV exceptions (i.e. don't sign) just for mail to that list. If you do that
though then presumably you'll be turning off "require prvs on incoming
bounces", which defeats the main point of it. Unless you only drop the
prvs-signed requirement for /some/ return paths (i.e. an address you use only
for the broken list server).

--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey