[Mimedefang] Re: calling action_bounce() for viruses

Michael Sims michaels at crye-leike.com
Tue Sep 30 08:49:00 EDT 2003


Sevo Stille wrote:
> Right. Besides: action_bounce rejects with a 5xx code - it is up to
> the delivering MTA whether and how it will generate a bounce message.
> If it does send bounce messages to an address that does not match the
> true origin of the mail it attempted to deliver, it is IMHO broken.

What about .forward files?  Example:

Spam/virus message is delivered to <user at example1.com>, and the envelope
sender is forged as <innocent_victim at aol.com>.  <user at example1.com> has a
.forward file that goes to <another_user at example2.com>.  The MX for
example1.com accepts the message with the forged envelope sender, then
attempts to hand it off to the MX for example2.com, but that MX reports that
"another_user" is over quota.  Now example1.com's MX has to compose a DSN to
the faked envelope sender.

The only solution I see to that is to either disallow .forward type
forwarding, or before returning an OK, attempt the complete delivery
including all forwarding while the original relay is still connected.

Of course, I know this sort of thing is not nearly as prevalent as mail
relays that unconditionally accept all mail addressed for the domain they
handle, but it still happens from time to time...

___________________________________________
Michael Sims
Project Analyst - Information Technology
Crye-Leike Realtors
Office: (901)758-5648  Pager: (901)769-3722
___________________________________________
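
The scenario in the message above, as a small simulation added here (not part of the original post and not MIMEDefang code). It compares answering 250 before forwarding with attempting the onward delivery while the original relay is still connected. The `@` addresses, the 552 over-quota reply and all function names are constructed for illustration.

```python
# Constructed sample data mirroring the scenario in the post.
FORWARDS = {"user@example1.com": "another_user@example2.com"}    # .forward table
DOWNSTREAM = {"another_user@example2.com": (552, "over quota")}  # next-hop replies

def resolve(rcpt, forwards=FORWARDS, max_hops=10):
    """Follow forwarding entries to the final address, refusing loops."""
    hops = 0
    while rcpt in forwards:
        hops += 1
        if hops > max_hops:
            raise ValueError("forwarding loop or chain too long")
        rcpt = forwards[rcpt]
    return rcpt

def onward_code(rcpt):
    """Stand-in for the onward delivery attempt; returns an SMTP reply code."""
    try:
        final = resolve(rcpt)
    except ValueError:
        return 554
    return DOWNSTREAM.get(final, (250, "ok"))[0]

def accept_then_forward(env_from, rcpt):
    """Answer 250 first, forward after the session has ended."""
    code = onward_code(rcpt)
    # The sending relay is gone, so a permanent failure needs a DSN, and the
    # only address available for it is the (possibly forged) envelope sender.
    dsn_to = [env_from] if code >= 500 else []
    return 250, dsn_to

def forward_in_session(env_from, rcpt):
    """Attempt the onward delivery before replying to the connected relay."""
    # The relay receives the failure code itself; this MX composes no DSN.
    return onward_code(rcpt), []

if __name__ == "__main__":
    forged = "innocent_victim@aol.com"
    for policy in (accept_then_forward, forward_in_session):
        reply, dsns = policy(forged, "user@example1.com")
        print(f"{policy.__name__}: reply={reply} dsn_to={dsns}")
```
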



