I've implemented a verify_sender routine as inspired by
the postfix address verification, noted below. Patch
is attached.
I added a subroutine in EvalTests.pm called verify_sender()
that will verify a given address with an appropriate mx.
It needs a mechanism to get the envelope-from for this
to be effective. This implementation relies on the header
Return-Path: which postfix adds to messages.
This routine can be invoked from a local.cf like this:
header UNVERIFIED_ADDRESS eval:verify_sender()
The postfix address verification is described here:
http://www.porcupine.org/postfix-mirror/newdoc/ADDRESS_VERIFICATION_README.html
I'd like to use this technique, but would rather assign
a score with SA, rather than make a reject/accept decision
in the mta.
This is a naive implementation in many ways.
1) It assumes the envelope-from is retreivable from the
Return-Path: header which is true in postfix-land. I'm not
sure about elsewhere.
2) There's still a bunch of debugging code in here. I thought
I'd leave it in in this patch, in case it helps anyone else
get it working.
3) It relies on 2 extra perl modules: Net::DNS and Net::SMTP
which might be better outside the spamd process space. Maybe
a sender verification daemon?
4) It only checks with the highest priority mx record for a given
domain and does not move on to lower priority records. Simplicity
is the reason here.
I'd love some feedback or reports on whether anyone else
can get this working.
Thanks,
ari
--
Ari Jort
[EMAIL PROTECTED]
