On Tue, 2006-02-28 at 08:36 -0500, Dick St.Peters wrote:
Mark Shewmaker writes:
On Mon, 2006-02-27 at 14:53 -0500, Dick St.Peters wrote:
The workaround I use is to defer false-bounce checks until after the
DATA command (but before the data itself), using sendmail's
check_data. At that point, $u isn't set, so you have to set your own
macro earlier. I set mine in Local_check_rcpt. Bounces and CBVs
involve only one recipient, making this easy.
Then that means you're breaking my CBV tests--making it look like all
possible MAIL FROM values from your domain are valid.
Not true. If the CBV RCPT (i.e., the MAIL FROM being CBV-checked)
isn't valid, that's caught before DATA, and you'll get a 550 in
response to your RCPT. Your CBV learns the address is invalid.
If the RCPT *is* valid, CBV gets a 250 "ok" and quits, but a fake
bounce goes on to DATA and gets a 554. A legitimate bounce is to an
SRS'd address and has its DATA accepted.
I'm sorry, but I still don't understand.
I see that the following two statements as compatible:
1. That you "defer false-bounce checks until after the DATA
command (but before the data itself)", (from the first
message), and
2. that "a fake bounce goes on to DATA and gets a 554."
However, you also say in the above message that:
3. "If the CBV RCPT [...] isn't valid, that's caught before
DATA".
#3 seems to me to be incompatible with both #1 and #2.
Isn't checking whether a CBV RCPT is valid the very definition of a
false-bounce/fake-bounce check from the server's point of view?
--
Mark Shewmaker
mark(_at_)primefactor(_dot_)com
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com