On Fri, Nov 18, 2005 at 10:23:05AM +0000, Declan Moriarty wrote: > > Third, If I applied things like reject_non_fqdn_sender, > reject_unknown_sender_domain or reject_unverified_sender I would bounce > several list members with half cocked mail setups, I suspect.
Let me try to clarify some those checks. Assume you had postfix on your box receiving mail. That is, lfs list mail was sent from belg to genius. No ISP, no fetchmail. Many of the checks would pass regardless of what the author used for an email address because belg is sending you the mail, not the author. >From [EMAIL PROTECTED] Fri Nov 18 07:30:30 2005 This is the envelope header of your email which I'm replying to now. This is who the email is from as far as postfix is concerned. From: Declan Moriarty <[EMAIL PROTECTED]> This is who the email claims to be from. Just like a real letter, you can claim to be one person on the envelope of a letter, and yet use a different address on the letter inside the envelope. The postal worker does not know that. > Fourthly, I would also note that I receive no mail until my isp has > terminated his transaction with the spammer, and then scanned it fairly > thoroughly(some seconds), and then held it for collection (Some minutes > or hours). That leaves me unclear what percentage of bounces will > actually reach a spammer, or more likely waste bandwidth on legit > servers until it double bounces somewhere and gets ditched. It happens like this: 1) Either the server admin sets a policy that email is processed while the sending smtp server sits on the line (that allows for a rejection code) or 2) It tells the sending server that it received it okay, disconnects, and then processes the mail. I would imagine #2 is more common because it increases throughput and prevents extra failures due to smtp timeouts. However, now you can't send an error code so you are left with another policy decision: bounce, discard or send it on to the intended recipient. My ISP, for example, just marks the subject line and lets the customer decide since it is their email and false positives are always possible. -- Archaic Want control, education, and security from your operating system? Hardened Linux From Scratch http://www.linuxfromscratch.org/hlfs -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page