Den 14.08.2006 kl. 19:48 skrev Sanford Whiteman
<[EMAIL PROTECTED]>:
Hi, in order to avoid bouncing spam back to the (almost certainly) faked
sender-addresses, I thought I could use SA directly:
What's your MTA and/or SA-invoking app? Surely it is easier to have
that agent parse SA's feedback (headers, subject mod or score) in
deciding the final disposition of the msg than to try to trick the MTA
into dumping the mail.
I use Qmail. To obtain the above, I must patch with spam-control or
similiar.
I'd rather do something simpler.
Please elaborate on the use case in which you can't use MTA processing
rules to prevent backscatter, given that you trust SA markup
completely here, right?
I realize that I did not explain my setup sufficiently in the original
post:
I run a qmail frontend for a FirstClass system. The qmail accepts mail for
about 500 domains, hosted on the FirstClass system, and scans them with SA.
In then injects them into FirstClass. If the domain is known, but the user
is
wrong (as in "[EMAIL PROTECTED]") the mail is rejected on
smtp-level by FirstClass. Qmail then generates a bounce back to the
original
sender. In case of spam, origninal sender is faked and we have backscatter.
I know qmail-ldap could be of some use here, but I have no way of setting
up an ldap-server that knows legitimate FirstClass adressess (FirstClass
itself
could do it, but it is running at 99% capacity most of the time, so no go.
Exporting adresses from FirstClass won't do either, as there are
forum-adresses
that wont export). This is a classic "MTA frontend" problem, but I'm
afraid I'm
stuck with it.
I trust SA enough, that I would suppress all bounces generated by
undeliverable
mails that SA believes to be spam. I though that if spamassassin wold
insert
"Reply-to: <>" in any spam message, this would do the trick.
It turns out I misread http://cr.yp.to/proto/mailloops.txt, confusing
"replier" and "bouncer". A replier will use "Reply-To:" before
envelope-sender
but a bouncer will not.
Den 15.08.2006 kl. 03:56 skrev John Andersen <[EMAIL PROTECTED]>:
On Monday 14 August 2006 01:44, Ole Nomann Thomsen wrote:
Hi, in order to avoid bouncing spam back to the (almost certainly) faked
sender-addresses, I thought I could use SA directly:
Why would you bounce spam, with or without spamassassin?
My original post wasn't clear: I *don't* want to bounce spam. And I dont
want
undeliverable spam to generate bounces. The question was (or should have
been)
how to avoid the latter in a simple way.
Den 15.08.2006 kl. 04:21 skrev David B Funk <[EMAIL PROTECTED]>:
Other people have already commented on the issue of bouncing spam.
One detail that I think you don't understand, mail routing is controlled
by the envelope-sender and envelope-recipient addresses, the addresses
in the headers are ignored for that purposes. In most configurations SA
only gets to see/change the headers, it does not get to mess with the
envelope addresses at all.
Thus even if you could get SA to change the header addresses it wouldn't
have your desired effect.
You're absolutely right. As mentioned above, I confused "repliers" and
"bouncers".
- Ole (thoroughly castigated, thus enlightened :-)