On Mon, 15 May 2023, Brandon Long wrote:
Yes, VERP and SRS are the two most obvious cases where their design inherently doesn't work with the limit (encoding the full email address into the mailbox portion).

You'd need to either get fancy with the domain portion, which has its own
complications (multi-level star DNS?) or use a lookup table.

The wildcard isn't hard, since a DNS wildcard matches any number of labels. (You may be confusing it with wildcard SSL certs which use the same syntax but only match a single label.) One wildcard is plenty for my DMARC rewriter to, say, bl...@google.com.dmarc.fail:

;; QUESTION SECTION:
;*.dmarc.fail.                  IN      MX

;; ANSWER SECTION:
*.dmarc.fail.           10      IN      MX      20 mx1.dmarc.fail.

Once the mail arrives I need a lookup table to track which domains I'm rewriting and which addresses in those domains, to keep from turning into an open relay.

I believe that LISTSERV rewrites addresses to a hash of the address which fixes the length problem but also needs a lookup table.

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
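
The lookup-table check described in the message above, as an added example that is not part of the original post and is not the author's or LISTSERV's code. The class name, the list domain, the truncated SHA-256 token and the 64-octet value (the RFC 5321 local-part maximum, assumed to be the limit under discussion) are assumptions; only the .dmarc.fail suffix comes from the message.

```python
import hashlib

REWRITE_SUFFIX = ".dmarc.fail"  # suffix taken from the message above
MAX_LOCAL = 64                  # assumed limit: RFC 5321 local-part maximum, in octets

class RewriteTable:
    """Lookup table of rewritten addresses; anything not in it is refused."""

    def __init__(self, list_domain):
        self.list_domain = list_domain  # hypothetical domain used for hashed addresses
        self.by_domain = {}             # original domain -> set of rewritten local parts
        self.by_hash = {}               # hash token -> original address

    def rewrite_suffix(self, addr):
        """user@example.com -> user@example.com.dmarc.fail (local part unchanged)."""
        local, domain = addr.rsplit("@", 1)
        domain = domain.lower()
        self.by_domain.setdefault(domain, set()).add(local)
        return f"{local}@{domain}{REWRITE_SUFFIX}"

    def rewrite_hash(self, addr):
        """Replace the whole address with a fixed-length token (assumed scheme)."""
        token = hashlib.sha256(addr.encode()).hexdigest()[:32]
        assert len(token) <= MAX_LOCAL
        self.by_hash[token] = addr
        return f"{token}@{self.list_domain}"

    def resolve(self, rcpt):
        """Return the original address for a rewritten recipient, else None (reject)."""
        local, _, domain = rcpt.rpartition("@")
        domain = domain.lower()
        if domain.endswith(REWRITE_SUFFIX):
            # The wildcard MX delivers any number of labels here, so the table,
            # not DNS, decides which domains and addresses are relayed.
            orig = domain[: -len(REWRITE_SUFFIX)]
            if local in self.by_domain.get(orig, ()):
                return f"{local}@{orig}"
            return None
        if domain == self.list_domain:
            return self.by_hash.get(local)
        return None
```

A recipient for which resolve() returns None should be rejected at RCPT time rather than accepted and bounced later.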