Wietse Venema via Postfix-users wrote in
<4yzbyp1lr9zj...@spike.porcupine.org>:
|Steffen Nurpmeso via Postfix-users:
...
|> i again stumbled over the fact that postfix receives many
|> successive mails from these servers, then creates / refreshes the
|> verify_sender DB, but seems to have "no state machine" regarding
|> sender verification, but simply "brute force verifies", for
|> example here:
|>
|> Jan 14 15:16:16 postfix/smtp[892]: 4013616065: to=<bounce.mMf69fb7a2ec7\
|> 86bdd37fc8981.rf5167a6a-eb83-11e9-92f5-7ab8f5b1d025@9fans.bounce.topicb\
|> ox.com>, relay=mx1.topicbox.com[103.168.172.233]:25, delay=1.6, \
|> delays=0.02/0.17/1.3/0.14, dsn=2.1.5, status=deliverable (250 2.1.5 Ok)
|> ..
|> Jan 14 15:16:16 postfix/smtp[893]: 8D64D16067: to=<bounce.mM1d0608a97b9\
|> 1ed0ef138d2f7.rf5167a6a-eb83-11e9-92f5-7ab8f5b1d025@9fans.bounce.topicb\
|> ox.com>, relay=mx1.topicbox.com[103.168.172.232]:25, delay=1.6, \
|> delays=0.01/0.23/1.2/0.19, dsn=2.1.5, status=deliverable (250 2.1.5 Ok)
|> ...
|> Jan 14 15:16:16 postfix/smtp[891]: 586AF16066: to=<bounce.mM0295fcc211a\
|> 103059818efab.rf5167a6a-eb83-11e9-92f5-7ab8f5b1d025@9fans.bounce.topicb\
|> ox.com>, relay=mx1.topicbox.com[103.168.172.233]:25, delay=1.7, \
|> delays=0.01/0.1/1.4/0.13, dsn=2.1.5, status=deliverable (250 2.1.5 Ok)
|>
|> today two in parallel, but it can be more even, it seems unbound
|> (by itself).
|>
|> Could anything be done about that, aka synchronization be
|> enforced? I also seem to remember being fooled by nonsense mails
|
|Technically, those are THREE DIFFERENT email addresses:
Hm. Logical. pfffhh...
| bounce.mMf69fb7a2ec786bdd37fc8981.rf5167a6a-eb83-11e9-92f5-7ab8f5b1d025\
| @...
| bounce.mM1d0608a97b91ed0ef138d2f7.rf5167a6a-eb83-11e9-92f5-7ab8f5b1d025\
| @...
| bounce.mM0295fcc211a103059818efab.rf5167a6a-eb83-11e9-92f5-7ab8f5b1d025\
| @9...
|
|What kind of logic do you have in mind to cache these different
|sender addresses under the same address verification cache lookup
|key? You could play games with smtpd_command_maps, but...
verp delimiter is none there, that much is plain.
|What is the point of using reject_unverified_sender for this email?
|
|On my own site, I use it only against clients without proper FCRNS.
|(check_client_access inline:{unknown=reject_unverified_sender})
Yes, i now
allow .messagingengine.com
in addition to the
allow .topicbox.com
i already had..
Maybe in this modern world one should create a script and to
a full MX/A/AAAA chain lookup of all mailing-lists one is
subscribed to, and auto-whitelist all of those.
Sorry for the noise.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
|
|In Fall and Winter, feel "The Dropbear Bard"s pint(er).
|
|The banded bear
|without a care,
|Banged on himself for e'er and e'er
|
|Farewell, dear collar bear
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
