On Sat, 2007-20-01 at 12:32 -0500, Matt Sergeant wrote:
> On 19-Jan-07, at 4:59 PM, Michael Holzt wrote:
>
> >> I was thinking of rejecting mail when the MAIL FROM is empty or
> >> set to
> >> <> during the MAIL FROM stage.
> >
> > Do not. "<>" is the legitimate envelope sender for bounce messages and
> > shall never be blocked. Unfortunately this can be abused by spammers,
> > but it is nevertheless harmfull to block "<>".
>
> Nonsense. I block all mail from <> and have done for 2 years (maybe
> more). There's no harm been done, and for my little domain with 2
> users I'm blocking up to 30k emails a day that way.
fwiw, rfc2821 says:
If there is a delivery failure after acceptance of a message, the
receiver-SMTP MUST formulate and mail a notification message. This
notification MUST be sent using a null ("<>") reverse path in the
envelope. The recipient of this notification MUST be the address
from the envelope return path (or the Return-Path: line). However,
if this address is null ("<>"), the receiver-SMTP MUST NOT send a
notification. Obviously, nothing in this section can or should
prohibit local decisions (i.e., as part of the same system
environment as the receiver-SMTP) to log or otherwise transmit
information about null address events locally if that is desired. If
the address is an explicit source route, it MUST be stripped down to
its final hop.
rfc 821 only gives an example.
This seems to imply that there is NO requirement to recieve such
messages; only to send them.
According to Dan Bernstein's qmail documentation, qmail-queue and
maildir guarantee delivery (message is written to disk and read back) so
this scenario would only arise if /var/qmail/queue/ and its contents
were lost.
The only way to comply with the 'MUST' clause would be to read the mail
log and send notifications based on the contents of /var/log/mail.* (or
where-ever syslog puts the info) so unless /var/log/
and /var/qmail/queue were on separate disks it might be difficult to
comply. Dan Bernstein has some criticisms of rfc 2821 in his
documentation ... I wonder if this is one of them ... DJB claims that
backing up the mail queue is impractical, iirc.
--
--gh
