On Sunday, October 19, 2003 12:42 AM, Gregory Kuhn wrote: > message_is_looping_/home/vpopmail/domains/ctch.net/gkuhn/Maildir//
ah ha! :) this would explain why: grep 'is looping' /var/log/qmail/current bore no fruit :) s/\s+/_/g; sigh. after resolving the PEBKAC error, I do see the entries in my logs. since we're on the topic of guaranteed bouncing (since the Delivered-To: header can still easily be forged), is it worth investing some crypto into it ? or even appending some Site-Unique level string to the end of Delivered-To like the domain name -- instead of: Delivered-To: [EMAIL PROTECTED] it'd be: Delivered-To-nntx.net: [EMAIL PROTECTED] or some such. Whatever the annex is, it'd have to be static (at the site/domain level), because many people use the Delivered-To header for processing via procmail/etc. Forging the Delivered-To line could be to Mr. Spammer's advantage, because he could send millions+ of messages to addresses that use vpopmail, and could depend on the bouncing to deliver his mail; just spoof the envelope recipient/from and wala. Jeremy Kister www.jeremykister.com Argus: The World's Most Advanced Monitoring Software: http://argus.tcp4me.com
