Re: [exim] EBL: blacklist for email addresses in Reply-To an…

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: exim-users
Subject: Re: [exim] EBL: blacklist for email addresses in Reply-To and message bodies
On 2017-06-28 at 18:19 +0300, Lena--- via Exim-users wrote:
> How to use EBL in Exim config (requires Exim version 4.87 or higher):
> https://github.com/Exim/exim/wiki/EBL


Looks potentially useful.

The Reply-To: header takes an address-list and is interpreted as such,
and IIRC used in that way by some mail-clients when subscribed to
mailing-lists but wanting personal copies of replies too. So the `rt:`
ACL is going to calculate something which will emit bogus queries to an
external service.

There could stand to be some privacy implications discussion too --
you're sending out, over the wire in unencrypted DNS packets, a
predictable derivation of the Reply-To: header received for every email
from a given domain. Using a cryptographic checksum protects against
casual snoopers knowing, but does not protect against those with a
dictionary of email addresses generating a reverse map and using that
for lookups, so undermines a chunk of the TLS-by-default work going on
by leaking metadata. Usual RBLs only leak that there was communication
from an IP, which a network traffic sniffer could see anyway.

-Phil