On 5/31/10 8:12 AM, Per Jessen wrote:
I have just this morning come across an interesting issue (SA 3.2.5). I
was trying to blacklist a From: address using 'blacklist_from', but it
wasn't working. I took a closer look at the email, and noticed:
From: "something or other"< mail...@example.com>
Interesting.. the addr part of the email address would be invalid by RFC
standards (the addr part cannot start with a space)
just use your MTA to block invalid addresses at the gateway. with the
MTA blocking it, the sender (if they are really the sender and not a
bot) will get the NDR without the issue of backscatter to (what address
would you bounce it to? %20mail...@example.com ?
is this in the header from, the envelope from or both? postfix strips
the %20 (space), and changes the envelope (return-path) to
mail...@example.com so is this just in the header from?
my understanding of SA (from a while back) is that it will
blacklist_from based on header from, envelope from and/or sender from,
so if that is so, it should have worked.
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
