On Wed, 22 Nov 2006, Stuart D. Gathman wrote:
On Wed, 22 Nov 2006, Alex van den Bogaerdt wrote:
On Wed, Nov 22, 2006 at 10:07:08AM -0500, Stuart D. Gathman wrote:
I see the problem. This does complicate rejecting bogus DSN's. To
the extent that you need to accept these malformed DSN's and you
still want to protect yourself from forged bounces, there is not
much choice. This still doesn't interfere with postmaster sending
you ordinary mail, and you still reject bogus DSN's that don't meet
one of the three criteria you listed. The last two are particularly
annoying. What MTA's do this?
A quick look turns up the mostly the following:
From: Symantec_Mail_Security_for_SMTP(_at_)garveyintl(_dot_)com
Content-Type: multipart/report; report-type=delivery-status;
This isn't a DSN.
A DSN is sent using the null sender.
EXACTLY. But the sender *intended* it to be a DSN. It has the same
multipart structure as a DSN. It *ought* to be a DSN. It is an autoresponse
sent to MAIL FROM, and I need to treat it like a DNS in order to reject it.
Symantec Mail Security is broken. Pretending such spamming abominations
are DSNs is a workaround.
BTW, another important reason for recognizing lame "DSN"s, is that they
are often sent in response to a CBV. I use SRS to store the original sender
in various header fields, one or more of which are usually spit back
in the lame "DSN". I can then blacklist the original sender. I.e., the
recipient didn't really exist in the CBV.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735