|
>>
Will it let your AVP message through since they are from that
address?
Yes AVP will let its own "EICAR
test pattern" self-test messages through; those are explicitly addressed to
127.0.0.1. (Regular AVP messages are NOT sent to 127.0.0.1, unless
you are running some wacky internal DNS for your own
domain). This update is meant to block messages FROM a domain with a
MX record that resolves to 127.0.0.1, received by your server.
For example, here is a line from our AVP log
"c:\install\mfilter\avp.log", showing that AVP trashed a spam
message:
Fri Jul 28 10:38:46 2006 Message <[EMAIL PROTECTED]>
trashed. Domain '0s.com' fails MXRDNS=127.0.0.1 mail exchanger (MX)
tests.
If you type "nslookup -q=mx 0s.com" at the
command prompt, you will see that 0s.com lists their mail exchanger as
127.0.0.1, which is plainly and clearly illegal, and would only be done by
a spammer!
Unfortunately, EMWAC IMS has a major bug:
If this particular message was sent to an invalid e-mail address in your domain,
and not trapped otherwise as spam, EMWAC will try to send a bounce message
to the sending domain, which will result in a calamitous mail loop on your EMWAC
IMS server. EMWAC tries to respond to 127.0.0.1, its own
receiver. This can cause your \incoming directory to fill up
with progressively larger messages, and IMS or SCSMfilter to fail.
The fix is to check messages as they
comes in, and for AVP to consider mail from any domain that lists its mail
server's address as 127.0.0.1 as spam, and to trash or discard it, as you
choose.
This has been a longstanding issue here,
and I thought it important enough to release an update to AVP that covers
it.
Regards,
-- Eric
|
- AVP 2.3.1 Zaxalon Webmaster
- Re: AVP 2.3.1 James Goines
- Re: AVP 2.3.1 Zaxalon Webmaster
- RES: AVP 2.3.1 Guilherme Rudnitzki
- RES: AVP 2.3.1 Guilherme Rudnitzki
- RE: AVP 2.3.1 Randy Brukardt
- TF Pro and SPF Guilherme Rudnitzki
- RE: TF Pro and SPF Randy Brukardt
