On Thu, 24 Jun 2004 13:12:36 -0400 (EDT), David F. Skoll wrote:
> See the thread at [...] for some pitfalls.
Thanks for the link.
That thread seems to mostly deal with <> and postmaster. I don't try to validate <> or
[EMAIL PROTECTED] My current list of patterns to validate looks like this:
if ($sender !~ /^<?>?$/ && $sender !~ /^<?(postmaster|abuse)@/i && $sender !~
/^<?(|.*[-_+=])(daemon|gateway)(|[-_+=].*)@/i &&
$sender !~ /@(|[EMAIL
PROTECTED])(bounces?|returns?|lists?|newsletters?)[EMAIL PROTECTED]@[EMAIL
PROTECTED]/i &&
($sender !~
/^<?(|.*[-_+=])(anonymous|undisclosed|unspecified|lists?|returns?|users|bounces?|\d+)(|[-_+=].*)@/i
||
$sender !~ /^<?(|.*[-_+=])$OurDomains(|[-_+=].*)@/i)) {
As you can see there's a bunch of addresses I don't validate. This is for completely
separate reasons:
1: Addresses like [EMAIL PROTECTED] are normal sender addresses even when if you can't
actually send mail to that address.
2: Addresses like [EMAIL PROTECTED] might be fake, but I don't want to make a too big
impact on hard working list servers.
3: Addresses like [EMAIL PROTECTED] might be faked, but they usually work so I don't
want to spend time validating them.
This means that there's a whole bunch of addresses I never try to validate, but a grep
-c tells me there's still a bunch of mails that will be rejected in"filter_recipient"
if I start rejecting on this criteria, and so far with *no* FPs (still watching
though).
(I'm going to remember that bit about rejecting from <> to multiple recipients (after
DATA). Even if it only catches a few spams (does it?), it'd be such a small addition
to the filter's code that it'd be worth it...)
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
