On Mon, May 30, 2005 at 11:48:53AM -0400, Kevin Peuhkurinen wrote:
> Matthew S. Cramer wrote:
>
> >If an email is from <> or <MAILER-DAEMON> then I check the mail for a
> >line that looks like /^Received.*one.of.our.ip.addresses/. If it
> >doesn't have the line, then I reject the mail with a 554 and "Bounced
> >message did not originate here."
>
> I was intrigued by this idea and started looking at some of the mail
> coming in from the <> address. One thing I've noticed is that lots of
> "Read reciept"s are sent using this address. Have you done something
> to allow these through or do you reject them as well?
Here is my perl code for MIMEDefang. I took this from something
another member of that list had posted.
# Confirm bounces originated from Armstrong
if ($Sender =~ /^<>$|^mailer-daemon\@/i) {
my $found = 0;
my $receivedline = 0;
# Skip header
if (open(IN,"./INPUTMSG")) {
while(<IN>) {
s/[\r\n]+//g;
last if /^$/;
}
# Search body
while(<IN>) {
next unless /Received:/i;
$receivedline++;
# Look for our ip-range.
if (/x\.y\.z\./) {
$found++;
last;
}
}
close IN;
if ($receivedline && !$found) {
return action_bounce("Bounced message has no Received line from
Armstrong");
}
}
}
So to answer the couple of questions - this doesn't break DSN since I am
looking for the Received line itself. Hope that clarifies some
things.
Matt
--
Matthew S. Cramer <[EMAIL PROTECTED]> Office: 717-396-5032
Infrastructure Security Analyst Fax: 717-396-5590
Armstrong World Industries, Inc. Cell: 717-917-7099
