[Mimedefang] How to change envelope sender?
Benoit Panizzon
benoit.panizzon at imp.ch
Mon May 6 03:13:45 EDT 2013
> > I do consider backscatter the more serious problem.
>
> I strongly disagree. Notifying the sender of delivery problems is an
> essential and nonnegotiable element of E-mail. IOW dropping a mail without
> notifying the server is Bad. Full stop.
I fully agree that dropping an email without notificatin to anyone is bad. But
that is not what I intend.
I intend to notify the owner of the address being forwarded to another
address.
Example:
Sender: Bob at aol.example.com
Recipient: Alice at bluewin.example.com
(being forwarded to Emma at gmx.example.com)
So Bob is sending an email to Alice.
Alice has forwarded her Mailbox zu Emma, but that Mailbox is full.
I do rewrite the envelope sender of Bob's Email to Alice at bluewin.example.com
If the subsequent forwarding to Emma fails, Alice is getting that bounce and
not Bob (who could be a spamer and using a forged sender address).
As Alice set up that forwarding, it is her responsibility to make sure that
forwarding is working.
Another advantage: Alice does not disclose to bob, that her email address is
being forwarded.
Antoher advantage: If aol.example.com is protected by SPF, I don't run into a
problem. (SRS is not defined by an RFC yet as I understood).
> Backscatter OTOH is a nuisance, which should be minimized of course, but
> cannot be completely avoided. Blacklisting because of backscatter would be
> a Bad Idea (TM) which I thankfully never encountered so far, but if
> someone did that it would certainly be their own fault if they blocked
> legitimate mail as a result. In my experience, misguided measures like
> that tend to get lifted very quickly if senders and (intended) recipients
> of blocked mails are informed in no unclear words who's responsible for
> the communication failure.
Well, there are such blacklists I can tell you as a tech at an ISP.
Still that does not solve the problem of spam being sent via your
infrastructure as result of phished email accounts etc. You need some kind of
rate limmiting to detect unusual behaviour from users, or unusual logins with
the same credentials from many different ip addresses, a functional abuse desk
etc, but you can not fully prevent some spam being sent over your
infrastructure.
We had even the case where one single email was sent over our infrastructure
to a 'special' spamcop.net spamtrap causing immediate blacklisting of our main
outbound server. And spamcop.net is widely used.
Kind regards
Benoit Panizzon
--
I m p r o W a r e A G -
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 07
CH-4133 Pratteln Fax +41 61 826 93 02
Schweiz Web http://www.imp.ch
______________________________________________________
More information about the MIMEDefang
mailing list