incorrect spam setups cause spool messes on forwarders
Suresh Ramasubramanian
suresh at outblaze.com
Tue Dec 2 15:05:34 UTC 2003
Richard Cox writes on 12/2/2003 9:57 AM:
> VRFY is an (unavoidable) part of the checking routine built into the
> popular "Sam Spade for Windows" client, for manual verification of any
> suspect addresses found to have sent suspicious mail. So just looking
> for VRFY can give you some, er, false positives there ;-)
"a stream of vrfy / expn" I should have said.
> Implementing DELAY_CHECKS (which is normal anyway these days) will of
> course make a complete mockery of the process Verizon have implemented.
Say again? All that delay_checks in sendmail (and this is the default
in exim / postfix etc) does is to defer any rejects based on IP / sender
domain etc till the RCPT TO stage instead of returning 5xx at MAIL FROM:
itself.
I don't see how or where this will have an impact on verizon's sender
verify.
cf/README for sendmail says -
> delay_checks The rulesets check_mail and check_relay will not be called
> when a client connects or issues a MAIL command, respectively.
> Instead, those rulesets will be called by the check_rcpt
> ruleset; they will be skipped under certain circumstances.
> See "Delay all checks" in the anti-spam configuration control
> section. Note: this feature is incompatible to the versions
> in 8.10 and 8.11.
srs
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
More information about the NANOG
mailing list