On 2023-08-23 at 05:22:21 UTC-0400 (Wed, 23 Aug 2023 03:22:21 -0600)
IUL Support via Postfix-users <iul-supp...@iul.net>
is rumored to have said:
Hi All,
Have a legacy server that I've just taken over maintaining. It's set
up
with postfix that handles a small handful of email users. In looking
through the logfile I'll frequently see emails bouncing (and the
bounce
messages being deferred so they just sit in the queue wasting
retries).
You should fix that. It is a dangerous practice to accept mail and then
attempt to bounce it on a machine accepting mail from the Internet. This
generates a "backscatter" of bounces to forged addresses, often with
embedded spam and malware in the bounce messages.
The email will be from
some_spammy_text-myuser=mydomain....@notmydomain.com and addressed
to
myu...@mydomain.com.
The LHS always seems to have the same basic format ie. the underscores
and
the equal sign so it seems obvious that they're trying to accomplish
something specific. Is it supposed to help them get past spam
filtering,
or get around some sort of bug?
It is called "variable envelope return path" or more often just VERP. It
is a common practice used in modern mailing list management that sends
each message with one recipient and a unique envelope sender to assure
that any delayed bounces (which are sent to the envelope sender, a.k.a.
'return path') can be positively matched to a user, so that the user can
be removed or suspended from a list if there are problems delivering to
them that can be understood from the bounce as likely to be repaired.
There are related variants on VERP that are used to encode an earlier
return path into a new one on forwarded messages (SRS) and as a trick to
give every message a unique return path and hence eliminate fake bounces
(BATV.)
Can anyone enlighten me as to what they're trying to accomplish and if
I
should be doing anything configuration wise to block them from
accomplishing
it??
Don't block based solely on VERP use. VERP is almost universally used in
business-to-consumer bulk and transactional email, including messages
which are very much wanted and valuable. SRS and BATV, which look very
similar, are used to make other spam mitigation tactics possible.
Is it supposed to help them get past spam filtering, or get around
some sort of bug?
It's all about spam, like everything these days in email...
But it is NOT about getting around filters. It is about enabling
rigorous bounce handling (GOOD!) so that bulk mail senders can avoid
sending de facto spam and keep their lists clean. The similar-looking
BATV and SRS are tactics developed to allow other anti-spam techniques
to work with fewer errors.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
