[Mimedefang] Sender validation
Jonas Eckerman
jonas_lists at frukt.org
Fri Jun 25 05:22:12 EDT 2004
On Thu, 24 Jun 2004 13:12:36 -0400 (EDT), David F. Skoll wrote:
> See the thread at [...] for some pitfalls.
Thanks for the link.
That thread seems to mostly deal with <> and postmaster. I don't try to validate <> or postmaster at .*. My current list of patterns to validate looks like this:
if ($sender !~ /^<?>?$/ && $sender !~ /^<?(postmaster|abuse)@/i && $sender !~ /^<?(|.*[-_+=])(daemon|gateway)(|[-_+=].*)@/i &&
$sender !~ /@(|[^@]+\.)(bounces?|returns?|lists?|newsletters?)\.[^@\.]+\.[^@\.]+[^@]*$/i &&
($sender !~ /^<?(|.*[-_+=])(anonymous|undisclosed|unspecified|lists?|returns?|users|bounces?|\d+)(|[-_+=].*)@/i ||
$sender !~ /^<?(|.*[-_+=])$OurDomains(|[-_+=].*)@/i)) {
As you can see there's a bunch of addresses I don't validate. This is for completely separate reasons:
1: Addresses like mailer-daemon at .* are normal sender addresses even when if you can't actually send mail to that address.
2: Addresses like hiho at lists.roaringpenguin.com might be fake, but I don't want to make a too big impact on hard working list servers.
3: Addresses like abuse at .* might be faked, but they usually work so I don't want to spend time validating them.
This means that there's a whole bunch of addresses I never try to validate, but a grep -c tells me there's still a bunch of mails that will be rejected in"filter_recipient" if I start rejecting on this criteria, and so far with *no* FPs (still watching though).
(I'm going to remember that bit about rejecting from <> to multiple recipients (after DATA). Even if it only catches a few spams (does it?), it'd be such a small addition to the filter's code that it'd be worth it...)
/Jonas
--
Jonas Eckerman, jonas_lists at frukt.org
http://www.fsdb.org/
More information about the MIMEDefang
mailing list