[Mimedefang] bounce mail based on To: domain

Scott.Larnach at ed.ac.uk Scott.Larnach at ed.ac.uk
Mon Sep 30 08:54:01 EDT 2002 

On Sun, 29 Sep 2002, David F. Skoll wrote:

> [...] But again, I believe access_db is consulted
> for envelope senders only, not headers.

That's right. Header tests can only be done in the configuration
file using header check rulesets. (Or in a milter!)

On Sun, 29 Sep 2002, Ashley M. Kirchner wrote:

> Return-Path: <remove at biggerbreastsnow.com>
> Received: from serpico.pcraft.com (serpico.pcraft.com [204.144.132.162])
>         by users.pcraft.com (8.11.6/8.11.6-mx1) with ESMTP id g8TD8Da01208
>         for <a_user at pcraft.com>; Sun, 29 Sep 2002 07:08:14 -0600
> Received: from 195.61.229.16 ([195.61.229.16])
>         by serpico.pcraft.com (8.12.6/8.12.6) with SMTP id g8TDDE2f028938
>         for <a_user at pcraft.com>; Sun, 29 Sep 2002 07:13:19 -0600
> Message-Id: <200209291313.g8TDDE2f028938 at serpico.pcraft.com>
> From: Amanda <remove at biggerbreastsnow.com>
> To: Ezine at serpico.pcraft.com

Something to watch out for here. If the To: header is domainless
when serpico.pcraft.com receives it, that is, it looks like

  To: Ezine

then sendmail will append its own canonical domain name ($j in
the configuration file). It does this to make the field legal
(the address should always have a domain) and (I assume) on the
assumption that it's likely a local client submitting a message
and qualifying the address with the local domain will be
correct. (Sendmail does the same for any domainless addresses in
From: or Cc: headers too.) So when serpico receives the message
it might not even have a domain in the To: header.

I see a lot of spam that's clearly been sent through my mail relays like
this.

I don't know at this point whether sendmail appends the domain
before or after the milter sees it, but I have a feeling it may
be after. So possibly you might get some mileage out of testing
for the absence of '@' in the To: address. I think I'd only do
this for messages being received from outside my own domain.
Hope this helps.

Scott Larnach, Edinburgh University

More information about the MIMEDefang mailing list