Giuliano Gavazzi a écrit : > > On T 22 Jan, 2009, at 11:49 , Charles Marcus wrote: > >> On 1/21/2009, Giuliano Gavazzi (dev+li...@humph.com) wrote: >>>> The postfix backscatter readme is a good start, esppecially is you are >>>> using postfix - and if you aren't, why aren't you? ;) ... but the >>>> concepts can be applied to any MTA... >> >>> I don't use postfix, because I use exim... >> >> And as I said... the CONCEPTS can be applied to ANY MTA... > > > well, first of all backscatter is not really the issue of this thread.
agreed. > Secondly the concepts are not all that good. They are ;-p > In particular the one > entitled: > > Blocking backscatter mail with forged sender information > > that states: > > "Like many people I still have a few email addresses in domains that I > used in the past. Mail for those addresses is forwarded to my current > address. Most of the backscatter mail that I get claims to be sent from > these addresses. Such mail is obviously forged and is very easy to stop." > From what I understand he is rejecting backscatter that is sent to some > of his old addresses (with an identical forged sender, Note the "from" in "claims to be sent FROM...". > but this is > irrelevant) and from there forwarded to his mail server. Very bad. If > you have configured forwarding somewhere you must be prepared to accept > anything from there, or else you will be the cause of backscatter as the > peer server is a genuine server and not a spambot. you misunderstooood ;-p the idea is: if I get a bounce caused by a message sent with j...@example.com as sender, and I know j...@example.com is never used as a sender (because I own that address and I don't use it as a sender), then I can block the message. here's another example. while my Reply-To is set to mouss+nob...@netoyen.net, I don't use this address in From: or envelope sender. so if someone bounces a mail supposedly sent from this address, _I_ know the "original" message was a forgery and I can reject the bounce. > [snip]
