On Thu, 2009-05-14 at 12:42 -0400, Bowie Bailey wrote:
> I have the whitelist_bounce_relays options set for vbounce and the rules
> are hitting on bounce messages, but the whitelists don't seem to be working.
>
> In my local.cf, I have:
>
> whitelist_bounce_relays bnofimage1.buc.com
>
> But, an email with this header comes through:
Do you really mean *header* of the message here?
> Received: from bnofimage1.buc.com (bnofimage1.buc.com
> [::ffff:172.16.17.11])
> by bnofmail.buc.com with esmtp; Thu, 14 May 2009 12:22:03 -0400
> id 0013C1A3.4A0C452B.0000728E
>
> and it gets hit with BOUNCE_MESSAGE and ANY_BOUNCE_MESSAGE.
>
> What am I missing here?
The definition of a bounce? ;)
The VBounce plugin does *not* check the messages headers. Instead, it
has a look at the plain text body and any message/* MIME attachments.
If it finds your own, whitelisted SMTP relay in there, it is not a
backscatter bounce. The original message passed through your servers.
If, however, your relays are not in there, the original, bounced message
is a forgery, not sent via your relays.
Looking at the received messages actual headers will always show your
SMTP servers -- your MX, the inbound one. Which often is the same as the
outbound one, unless you got a dedicated server.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
