ietf-mta-filters

Re: redirect / ereject loops

2008-07-22 16:17:17

On Tue, 22 Jul 2008, ????? ???????? wrote:
While you are talking about loops with "notify mailto", I would like to 
ask you about loops with "redirect". I redirect the mail for my 
university account to uni(_at_)mydomain, which has the following script:

if header :contains "X-Spam-Level" "+++++"
        {
                redirect "me(_at_)mydomain";
                stop;
        }

So, when a spam arrives, the responsibility for the mail is taken and 
the mail is redirected to me(_at_)mydomain. In the past me(_at_)mydomain 
moved such mails to INBOX.Spam, but recently I changed the script to

require ["ereject"];

if header :contains "X-Spam-Level" "+++++"
        {
        ereject "Your mail was evaluated as spam and was not delivered.
However you can contact me at +49 721 755345(h) or +49 176 20700494(m).";
        stop;
        }

and ereject does SMTP reject.  Such redirecting script is also installed 
for the postmaster(_at_).

When you say "Such redirecting script", do you mean the one for 
uni(_at_)mydomain which uses redirect, or the one for me(_at_)mydomain 
which uses ereject?


Now my question is, what happens with the spam mail: it entered the 
system being accepted by uni(_at_)mydomain, but it cannot end in a mailbox.

_That_ message, the one with "X-Spam-Level: +++++", can't, but the ereject 
*may* result in a new message, a DSN (aka "bounce").  Whether it does so 
depends on the configuration of the mydomain sieve implementation.

If the redirect just queues the redirected message without immediately 
trying to process it, then the ereject will result in a DSN coming back to 
the envelope sender of the redirect, which may be either uni(_at_)mydomain or 
the original envelope sender of the spam.

If the redirection is processed to completion, including the ereject by 
the target address, then the original redirect will fail, which will then 
result in the original message being delivered to uni(_at_)mydomain's INBOX 
(cf. RFC 5228, section 2.10.6, particularly the last paragraph).

(Those are just two of the possible scenarios.  Staring at log files may 
give you ideas for other possibilities.)


At the end it enters the postmaster mailbox, 
bypassing somehow (to be figured out) the spam filter and growing to 
500k.

If the DSN went to the original envelope sender, it may be rejected 
by the far end, in which case it's a "double bounce", which often goes to 
postmaster by default.

For the postmaster account, ereject is just a Bad Idea.  Use discard.

Perform spam rejection early/at the edge: forwarding spam to some other 
account is just a problem waiting to happen.


I have uploaded one such message at 
https://mail.aegee.org/~didopalauzov/Automatically%20rejected%20mail.eml .

Ha, nice.  Looks like a bounce loop all right.  Note that the sieve 
implementation there is violating the MIME spec by using multipart 
boundary strings that are present in the message being wrapped: 
"$pid/$host" ain't good enough.


Philip Guenther
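
The boundary problem noted in the reply above, as an added example (not part of the original thread and not the code of the Sieve implementation discussed): a fixed "$pid/$host" boundary collides as soon as a bounce wraps an earlier bounce from the same process, while a random boundary checked against the wrapped content does not. The host mx.example, pid 4242, the sample spam and the simplified multipart/mixed wrapper are all constructed for illustration.

```python
import secrets

def boundary_collides(boundary: str, wrapped: bytes) -> bool:
    """True if any line of `wrapped` starts with the delimiter '--boundary'.
    RFC 2046 section 5.1.1 forbids that: a parser would end the part early."""
    delim = b"--" + boundary.encode("ascii")
    return any(line.startswith(delim) for line in wrapped.splitlines())

def safe_boundary(wrapped: bytes) -> str:
    """Random boundary, regenerated until verified absent from the content."""
    while True:
        candidate = "=_" + secrets.token_hex(16)
        if not boundary_collides(candidate, wrapped):
            return candidate

def wrap_bounce(original: bytes, boundary: str) -> bytes:
    """Minimal bounce carrying `original` as a message/rfc822 part.
    (A real DSN is multipart/report with a delivery-status part as well.)"""
    b = boundary.encode("ascii")
    return b"\r\n".join([
        b"From: MAILER-DAEMON@mx.example",
        b"Subject: Automatically rejected mail",
        b"MIME-Version: 1.0",
        b'Content-Type: multipart/mixed; boundary="' + b + b'"',
        b"",
        b"--" + b,
        b"Content-Type: text/plain",
        b"",
        b"Your message was rejected.",
        b"--" + b,
        b"Content-Type: message/rfc822",
        b"",
        original,
        b"--" + b + b"--",
        b"",
    ])

def delimiter_lines(message: bytes, boundary: str) -> int:
    """Lines a parser would treat as delimiters of the outermost multipart."""
    delim = b"--" + boundary.encode("ascii")
    return sum(line.startswith(delim) for line in message.splitlines())

# Constructed sample: one spam message bounced twice by the same process.
SPAM = b"From: x@spam.example\r\nSubject: hi\r\nX-Spam-Level: +++++\r\n\r\nbuy now\r\n"
FIXED = "4242/mx.example"  # "$pid/$host" style: identical for every bounce

def bounce_twice(pick) -> int:
    """Wrap SPAM, wrap the result again, count outer delimiter lines."""
    first = wrap_bounce(SPAM, pick(SPAM))
    outer = pick(first)
    return delimiter_lines(wrap_bounce(first, outer), outer)
```

A well-formed two-part wrapper has exactly three delimiter lines; bounce_twice(lambda _: FIXED) reports six because the inner bounce's delimiters are indistinguishable from the outer ones.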
