-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Jul 23, 2004 at 04:36:40PM -0400, Stuart D. Gathman wrote: >On Fri, 23 Jul 2004, Kyle Hasselbacher wrote: > >> I think SPF before challenge is a good idea, but don't make the problem >> bigger than it is. I have an SPF record, and I get 2000 times more bounces >> from mail servers than I do misdirected challenges from TMDA users. That's >> not hyperbole. > >Bounces (as opposed to replies, like TDMA sends) are no problem if you >use SES (SRS for local mail). Forged bounces (mail from <>) are immediately >detected by a missing or invalid SRS crypto cookie, and rejected before DATA.
If you have any method of stopping "forged bounces," it works on TMDA responses. They're the same in a few important ways: * MAIL FROM <> * Sent to the envelope sender of the message it's responding to. * Has References, In-Reply-To, Precedence: bulk, and Auto-Submitted: auto-replied When I wrote my filter to weed out the thousands of bad bounces I get in a day, I didn't have TMDA in mind. Its messages just fell in there on their own. And, as a bonus, I still get REAL bounces and challenges back. I'm not sure what SES is, so maybe I'm missing something. Can you elaborate? - -- Kyle Hasselbacher | Harrisberger's Fourth Law of the Lab: Experience is [EMAIL PROTECTED] | directly proportional to the amount of equipment ruined. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBAXqf10sofiqUxIQRAjFYAKCReGFph5kj4QFgeK/UrfYEYxURCgCfYfkx 2nGnXlD03u7Gnpfj/Z4eknA= =iIoo -----END PGP SIGNATURE----- _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
