On Mon, May 30, 2005 at 11:48:53AM -0400, Kevin Peuhkurinen wrote: > Matthew S. Cramer wrote: > > >If an email is from <> or <MAILER-DAEMON> then I check the mail for a > >line that looks like /^Received.*one.of.our.ip.addresses/. If it > >doesn't have the line, then I reject the mail with a 554 and "Bounced > >message did not originate here." > > I was intrigued by this idea and started looking at some of the mail > coming in from the <> address. One thing I've noticed is that lots of > "Read reciept"s are sent using this address. Have you done something > to allow these through or do you reject them as well?
Here is my perl code for MIMEDefang. I took this from something another member of that list had posted. # Confirm bounces originated from Armstrong if ($Sender =~ /^<>$|^mailer-daemon\@/i) { my $found = 0; my $receivedline = 0; # Skip header if (open(IN,"./INPUTMSG")) { while(<IN>) { s/[\r\n]+//g; last if /^$/; } # Search body while(<IN>) { next unless /Received:/i; $receivedline++; # Look for our ip-range. if (/x\.y\.z\./) { $found++; last; } } close IN; if ($receivedline && !$found) { return action_bounce("Bounced message has no Received line from Armstrong"); } } } So to answer the couple of questions - this doesn't break DSN since I am looking for the Received line itself. Hope that clarifies some things. Matt -- Matthew S. Cramer <[EMAIL PROTECTED]> Office: 717-396-5032 Infrastructure Security Analyst Fax: 717-396-5590 Armstrong World Industries, Inc. Cell: 717-917-7099