On Sat, 17 Sep 2005 administrator(_at_)yellowhead(_dot_)com wrote:
> Please correct me if I am wrong, but I don't think this is the way SPF is
> supposed to be used. The source appears to be [133.240.64.147] which
> [ snip sending DSN to known forged return path ]
Yes, this is a case of "people unclear on the concept". However, at
least they were kind enough to send you a sort-of real DSN (mail from
should have been '<>', but you could use a heuristic to convert
postmaster@ to '<>'). You can filter out all those forged bounces and
bounced forgeries by signing your outgoing return path with SRS or
(old style) SES.
Which brings me to my question:
I was tired of getting announcements from virus scanners all over the
world that I had apparently sent them a virus. The announcements
are not DSNs, so they are not automatically rejected.
However, I have just implemented the following heuristic policy on
a temporary basis on my home server:
    user, domain = parse_addr(self.mailfrom)
    # treat mail claiming to come from a bounce mailbox as if it were a DSN
    if user.lower() in ('postmaster', 'mailer-daemon'):
        self.mailfrom = '<>'
As a consequence:
1) mail from PostMaster, etc, is now rejected unless HELO name passes SPF or
matches connect ip.
2) mail from PostMaster, etc, sent to anything other than my return-path
(mail from) is rejected (because I sign my return-path).
Any comments? Is this abuse of the RFCs going too far? It is, of course,
in response to wide-spread abuse by Virus scanners (and now SPF checkers),
where they send non-DSN notification of their action.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
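As an added illustration of the heuristic above combined with a signed return path (example code written for this archive page, not Stuart's milter): postmaster/mailer-daemon senders are mapped to `<>`, and a bounce is then accepted only if it is addressed to a return path carrying a valid, unexpired HMAC tag. The tag format, the secret key and the domain are assumed simplified stand-ins for SRS/SES; the HELO/SPF check in consequence 1) is outside this example.

```python
import hmac
import hashlib
import time

SECRET = b"constructed-example-secret"   # assumed local signing key, not from the post
LOCAL_DOMAIN = "example.com"             # assumed local domain
TAG_LIFETIME = 7 * 24 * 3600             # bounces to tags older than a week are rejected

def parse_addr(addr):
    """Split an envelope address (with or without <>) into (user, domain)."""
    addr = addr.strip().strip("<>")
    if "@" not in addr:
        return addr, ""
    user, domain = addr.rsplit("@", 1)
    return user, domain.lower()

def normalize_mailfrom(mailfrom):
    """The post's heuristic: a postmaster/mailer-daemon sender is treated as '<>'."""
    user, _domain = parse_addr(mailfrom)
    if user.lower() in ("postmaster", "mailer-daemon"):
        return "<>"
    return mailfrom

def _tag(user, ts):
    return hmac.new(SECRET, f"{user.lower()}|{ts}".encode(), hashlib.sha256).hexdigest()[:8]

def sign_return_path(user, domain=LOCAL_DOMAIN, now=None):
    """Sign an outgoing return path in a simplified SES-like form: user+tag=ts@domain."""
    ts = int(now if now is not None else time.time())
    return f"{user}+{_tag(user, ts)}={ts}@{domain}"

def verify_return_path(rcpt, now=None):
    """True only if rcpt is one of our signed return paths and the tag is fresh and valid."""
    user, domain = parse_addr(rcpt)
    if domain != LOCAL_DOMAIN or "+" not in user:
        return False
    base, _, rest = user.partition("+")
    tag, _, ts = rest.partition("=")
    if not ts.isdigit():
        return False
    now = int(now if now is not None else time.time())
    if not 0 <= now - int(ts) <= TAG_LIFETIME:
        return False
    return hmac.compare_digest(tag, _tag(base, int(ts)))

def bounce_policy(mailfrom, rcpt, now=None):
    """Accept a bounce-like message only when it is addressed to a signed return path."""
    if normalize_mailfrom(mailfrom) != "<>":
        return "not-a-bounce"   # ordinary mail: goes through the usual SPF checks instead
    return "accept" if verify_return_path(rcpt, now) else "reject"
```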
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/