Roman Medina-Heigl Hernandez wrote:
Yes, you're right (I trust you! :-)). I did a quick search in my inbox and
found an example: notices from Ubuntu bug tracking system ("Launchpad" at
canonical.com) use that (poor) technique. But I'm wondering:
1) How often could you find this "nasty errors" (yes, difficult question;
impossible to answer, I'd add)
2) How important are this kind of "notices"...
Although it's a personal opinion, it seems that I can afford "loosing" such
mails... On the other hand, perhaps they're identifiable by other means, I
mean, headers, such as:
Return-Path: <[EMAIL PROTECTED]>
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
...
Received: from gangotri.ubuntu.com (localhost.localdomain [127.0.0.1])
by gangotri.ubuntu.com (Postfix) with ESMTP id 0C222318376
for <[EMAIL PROTECTED]>; Fri, 28 Jul 2006 04:10:09 +0100 (BST)
From: RoMaNSoFt <[EMAIL PROTECTED]>
Maybe I'm incorrect, but I believe there was a subtle misunderstanding
in the above conversation. The From: header is not the same as MAIL
FROM: command in smtp transaction. MAIL FROM for this message was
[EMAIL PROTECTED] Feel fee to find that message in your logs and
verify. Anyway, the Postfix directive you are looking for is
"reject_unauthenticated_sender_login_mismatch".
http://www.postfix.org/postconf.5.html#reject_unauthenticated_sender_login_mismatch
That said, cheap web scripts often do use the recipient's address in the
transaction. Latest complaint I had was from some star rewards thing
for frequent visits to a restaurant (for which I promptly replied:
"choose a different restaurant" ;-) ).
Take the following two manual transactions as an example with the smtpd
sender restriction above (only slightly altered to avoid giving away
unnecessary info and posting a real address in plain text on the internet):
[EMAIL PROTECTED] ~]# telnet mail.lucasit.com 25
Trying 192.168.xxx.xxx...
Connected to mail.lucasit.com.
Escape character is '^]'.
220 postal.lucasit.com ESMTP Postfix
ehlo somehost.lucasit.com
250-postal.lucasit.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM: [EMAIL PROTECTED]
250 2.1.0 Ok
RCPT TO: [EMAIL PROTECTED]
553 5.7.1 <[EMAIL PROTECTED]>: Sender address rejected: not logged in
quit
221 2.0.0 Bye
Connection closed by foreign host.
[EMAIL PROTECTED] ~]#
[EMAIL PROTECTED] ~]# telnet mail.lucasit.com 25
Trying 192.168.xxx.xxx...
Connected to mail.lucasit.com.
Escape character is '^]'.
220 postal.lucasit.com ESMTP Postfix
ehlo [EMAIL PROTECTED]
250-postal.lucasit.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM: [EMAIL PROTECTED]
250 2.1.0 Ok
RCPT TO: [EMAIL PROTECTED]
450 4.2.0 <[EMAIL PROTECTED]>: Recipient address rejected: Greylisted,
see http://postgrey.schweikert.ch/help/lucasit.com.html
quit
221 2.0.0 Bye
Connection closed by foreign host.
[EMAIL PROTECTED] ~]#
HTH
-- DJ Lucas
--
This message has been scanned for viruses and
dangerous content, and is believed to be clean.
