On Thu, 24 Jun 2004 13:12:36 -0400 (EDT), David F. Skoll wrote: > See the thread at [...] for some pitfalls.
Thanks for the link. That thread seems to mostly deal with <> and postmaster. I don't try to validate <> or [EMAIL PROTECTED] My current list of patterns to validate looks like this: if ($sender !~ /^<?>?$/ && $sender !~ /^<?(postmaster|abuse)@/i && $sender !~ /^<?(|.*[-_+=])(daemon|gateway)(|[-_+=].*)@/i && $sender !~ /@(|[EMAIL PROTECTED])(bounces?|returns?|lists?|newsletters?)[EMAIL PROTECTED]@[EMAIL PROTECTED]/i && ($sender !~ /^<?(|.*[-_+=])(anonymous|undisclosed|unspecified|lists?|returns?|users|bounces?|\d+)(|[-_+=].*)@/i || $sender !~ /^<?(|.*[-_+=])$OurDomains(|[-_+=].*)@/i)) { As you can see there's a bunch of addresses I don't validate. This is for completely separate reasons: 1: Addresses like [EMAIL PROTECTED] are normal sender addresses even when if you can't actually send mail to that address. 2: Addresses like [EMAIL PROTECTED] might be fake, but I don't want to make a too big impact on hard working list servers. 3: Addresses like [EMAIL PROTECTED] might be faked, but they usually work so I don't want to spend time validating them. This means that there's a whole bunch of addresses I never try to validate, but a grep -c tells me there's still a bunch of mails that will be rejected in"filter_recipient" if I start rejecting on this criteria, and so far with *no* FPs (still watching though). (I'm going to remember that bit about rejecting from <> to multiple recipients (after DATA). Even if it only catches a few spams (does it?), it'd be such a small addition to the filter's code that it'd be worth it...) /Jonas -- Jonas Eckerman, [EMAIL PROTECTED] http://www.fsdb.org/ _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang