Re: rejecting an invalid return path
Raffael Schmid put forth on 12/7/2009 4:10 AM: Hi list Do you know whether there is a possibility to reject invalid return paths in postfix? The problem is, that we get spam with a header-line like the following and would like to reject those messages: Return-Path: MAILER-DEAMON http://www.postfix.org/BACKSCATTER_README.html -- Stan
Re: rejecting an invalid return path
Hi Stan Hoeppner wrote: The problem is, that we get spam with a header-line like the following and would like to reject those messages: Return-Path: MAILER-DEAMON http://www.postfix.org/BACKSCATTER_README.html Already read this and I also would know how to do this. But I thought maybe this is configurable as it is not RFC-conform and would also be an easy approach to block some spam? And as far I know postfix, there are many such small configure-options... regards raf
Re: rejecting an invalid return path
Raffael Schmid: Hi list Do you know whether there is a possibility to reject invalid return paths in postfix? The problem is, that we get spam with a header-line like the following and would like to reject those messages: Return-Path: MAILER-DEAMON AFAIK the return-path above is invalid, as there is only the following formats allowed: Return-Path: john@example.org Return-Path: As I did not find a option in postfix to reject those mails, i could write a header check with pcre. But before I will do this, I'd like to verify whether there is really no option in postfix to set this? Postfix has no enforce RFC 100% option. In particular, the address parser must tolerate errors. Unlike a compiler such as GCC, Postfix cannot abort on incorrect syntax, or throw away all the input that it can't understand, therefore it cannot be implemented with a parser that strictly goes by the rules of the grammar. Adding a check for every possible violation is not practical, therefore Postfix has explicit checks only for the most common violations. Wietse
Re: rejecting an invalid return path
On 12/7/2009 4:10 AM, Raffael Schmid wrote: Hi list Do you know whether there is a possibility to reject invalid return paths in postfix? The problem is, that we get spam with a header-line like the following and would like to reject those messages: Return-Path:MAILER-DEAMON AFAIK the return-path above is invalid, as there is only the following formats allowed: Return-Path:john@example.org Return-Path: As I did not find a option in postfix to reject those mails, i could write a header check with pcre. But before I will do this, I'd like to verify whether there is really no option in postfix to set this? Regards raf You can use reject_non_fqdn_sender in your smtpd_*_restrictions. http://www.postfix.org/postconf.5.html#reject_non_fqdn_sender You can use reject_unverified_sender, but note that some admins will consider this abuse. If you use it, best applied selectively. Here's an example: http://www.postfix.org/ADDRESS_VERIFICATION_README.html#forged_sender -- Noel Jones
Re: rejecting an invalid return path
On Mon, Dec 07, 2009 at 11:10:15AM +0100, Raffael Schmid wrote: The problem is, that we get spam with a header-line like the following and would like to reject those messages: Return-Path: MAILER-DEAMON Almost certainly the actual envelope sender was MAIL FROM:, and the MAILER-DAEMON was created during further processing on your system. For example, default configurations of pipe(8) replace empty sender addresses with MAILER-DAEMON. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.