Had the following come through--spam, of course--and wondered if SIMS
shouldn't verify From, Return-Path and Reply-To domains if the "Verify
Return-Path" option is checked.
>SYSTEM [S.0000505048] S.0000505048 0+1 From:[EMAIL PROTECTED]
>SYSTEM(POP) [S.0000505048] delivered to (account)
>SYSTEM [S.0000505049] <AUTOS.0000505048-505049@mydomain> 1+0 From:NULL@NULL
>SYSTEM [S.0000505048] deleted
>SMTP-223(hhjjkkkk) Failed to get IP addresses. Error Code=-3170
>SMTP [S.0000505049] dequeueing
>SYSTEM(SMTP) [S.0000505049] failed on (hhjjkkkk)jkl. Error Code=-15001
>SYSTEM Return Receipt failed: headers are too long
In this case, the account that received the spam sends an auto-reply. So
SIMS verifies and thus accepts the "gcn.net.tw" host in the From field as
valid, but then tries to SEND the auto-reply to "jkl@hhjjkkkk", which it
never verified.
Yes, I realize that you can't verify such Reply-To's as NULL@NULL or
such, but shouldn't SIMS check all response hosts for validity,
especially if it's going to reply automatically to an unverified one?
Just being able to refuse messages from invalid domains (such as the
above) would be nice.
Or is there something I'm not considering that makes such rejection a bad
thing?
----------------------------------------------------
Dave Martin * Microcomputer Specialist
Texas A&M University * English Department * MS 4227
[EMAIL PROTECTED] * (979) 845-8344 * Blocker 218D
http://www-english.tamu.edu/pers/staff/dave/
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
