On Tue, 22 Jul 2008, ????? ???????? wrote:
While you are talking about loops with "notify mailto", I would like to
ask you about loops with "redirect". I redirect the mail for my
university account to uni(_at_)mydomain, which has the following script:
if header :contains "X-Spam-Level" "+++++"
{
redirect "me(_at_)mydomain";
stop;
}
So, when a spam arrives, the responsibility for the mail is taken and
the mail is redirected to me(_at_)mydomain(_dot_) In the past
me(_at_)mydomain moved
such mails to INBOX.Spam, but recently I changed the script to
require ["ereject"];
if header :contains "X-Spam-Level" "+++++"
{
ereject "Your mail was evaluated as spam and was not delivered.
However you can contact me at +49 721 755345(h) or +49 176 20700494(m).";
stop;
}
and ereject does SMTP reject. Such redirecting script is also installed
for the postmaster(_at_)(_dot_)
When you say "Such redirecting script", do you mean the one for
uni(_at_)mydomain which uses redirect, or the one for me(_at_)mydomain which
uses
ereject?
Now my question is, what happens with the spam
mail: it entered the system being accepted by uni(_at_)mydomain, but it
cannot end in a mailbox.
_That_ message, the one with "X-Spam-Level: +++++", can't, but the ereject
*may* result in a new message, a DSN (aka "bounce"). Whether it does so
depends on the configuration of the mydomain sieve implementation.
If the redirect just queues the redirected message without immediately
trying to process it, then the ereject will result in a DSN coming back to
the envelope sender of the redirect, which may be either uni(_at_)mydomain or
the original envelope sender of the spam.
If the redirection is processed to completion, including the ereject by
the target address, then the original redirect will fail, which will then
result in the original message being delivered to uni(_at_)mydomain's INBOX
(c.f., rfc 5228, section 2.10.6, particularly the last paragraph).
(Those are just two of the possible scenarios. Staring a log files may
give you ideas for other possibilities.)
At the end it enters the postmaster mailbox,
bypassing somehow (to be figured out) the spam filter and growing to
500k.
If the DSN went to the original envelope sender, it will may be rejected
by the far end, in which case it's a "double bounce", which often go to
postmaster by default.
For the postmaster account, ereject is just a Bad Idea. Use discard.
Perform spam rejection early/at the edge: forwarding spam to some other
account is just a problem waiting to happen.
I have uploaded one such message at
https://mail.aegee.org/~didopalauzov/Automatically%20rejected%20mail.eml
.
Ha, nice. Looks like a bounce loop all right. Note that the sieve
implementation there is violating the MIME spec by using multipart
boundary strings that are present in the message being wrapped:
"$pid/$host" ain't good enough.
Philip Guenther