On May 13, 2009, at 2:14 PM, mouss wrote:
Thank for any info or links to other docs I am missing.
There are problems with auto-responders:
- first, there is the backscatter problem (sending the reply to a
forged
address...).
- second, most auto-responders are broken, in so many ways.
so at this time, the "answer" is: don't use a responder unless you are
willing to invest in setting up a good one.
some basic rules:
- filter spam and only respond if "spamicity" is reasonably low (for
example, with a "correctly configured" spamassassin setup, don't
respond
if spam level is >= 3 [this is an example: 3 is arbitrary here]). the
idea is to detect as much spam as you can, so that responses to spam
are
rare.
- never respond to addresses found in headers. if a response is to be
sent, send it to the original envelope sender. This is unfortunately
often missed.
- do not respond to automatically submitted or resent mail. This
includes mail from mailing-lists.
- the auto-response should contain enough infos (reason for the
auto-response, original headers). it is a good idea to include a short
English text if you use another language.
- unless you know why, the auto-response shouldn't contain the
original
body. the rationale is to avoid resending spam. I often see auto-
replies
containing viruses. This is irresponsible.
See RFC 3834 for more infos.
Thanks. I have to have them, my users will demand them. If I want to
keep the users, there needs to be auto reply in place. I am glad you
brought up RFC 3834, specifically I need to support section 2 in it's
entirety.
Ideally, I want to support all the "MUST" aspects of that rfc, and any
of the parts that are of "may" and lead to a better system, I want to
support those as well.
So If I am getting this correct, auto-reply is not something native to
postfix other than in a very basic form, and I should look to 3rd
party solutions that have matured?
Thank you
--
Scott * If you contact me off list replace talklists@ with scott@ *
