[Mimedefang] Removing read receipts for particular account.
Mark Suter
suter at zwitterion.humbug.org.au
Thu May 6 10:00:08 EDT 2004
Prashanth,
> Can any one help me in how to remove read receipts for a particular email id?
Automaticaly generated emails such as return receipts, delivery notices,
read receipts and out of office replies provide a wealth of information
to a potential attacker, for example,
* operating systems and versions
* email server software and versions
* email client software and versions
* email architecture
Here are some headers to drop on incoming emails to prevent requests for
a receipts. Please let me know if you are aware of other headers.
Disposition-Notification-To:
Receipt-Requested-To:
Confirm-Reading-To:
MDRcpt-To:
MDSend-Notifications-To:
Smtp-Rcpt-To:
Return-Receipt-To:
Also consider dropping outbound NDN notices, that is, email where
* From address is the null address
* Small, say under 5000-10000 bytes
* The subject contains one of the following (again, suggections?)
DELIVERY FAILURE:
Undeliverable:
Undeliverable message
Delivery Status Notification
Returned mail:
Limiting actions to users or domains has been covered in many times on
this list - search the list (look at email headers for the URIs).
Yours sincerely,
Mark Suter Miju Systems http://www.miju.com.au/
Phone: +61 411 262 316 PO Box 176, Corinda Q 4075, Australia
Email: mark.suter at miju.com.au ABN 48 065 548 496
Fax: +61 7 3278 2343
More information about the MIMEDefang
mailing list