[milters] Archive

Lists Index Date Thread Search

Article: 130
From: Anthony Howe
Date: 2004-10-07 03:54:24 -0400
Subject: Re: Milter-sender question

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Rose, Bobby wrote:
> This is a question on null <> addressing and rfc interpretation.  I have
> a sending system that looks to have some kind of rule base that allows
> <> but then when the rcpt to is done, it's refused.  My manual testings
> is like this.
>  
> 220 *********************************************************
> helo med.wayne.edu
> 250 chwmail.chw.org Hello med.wayne.edu (146.9.3.78)
> MAIL FROM:<>^M
> 250 sender ok <>
> RCPT TO:<LWeik@chw.org>^M
> 550 Rule imposed mailbox access for LWeik@chw.org refused
>  
> But if I try with the mail from as a non-null then it works.  I'm
> thinking they have it set so that <> only works if sent to their mailer
> daemon and not users.  I haven't been able to verify it and it confused
> me because of their 550 error.  So if it is a case where <> is allowed
> but not allowed to send to users, is that against the RFCs?  If not,
> then should <> test and the sender verification test be separate? 

No. The null address is required for ALL accounts. Its how a user gets 
errors DSN (delivery status notification) like "destination mailbox 
full" or "user unknown" or "host unknown" errors, its also how
MDN (mail 
delivery notices) are returned to sender.

Follow this link:

	http://www.rfc-ignorant.org/policy-dsn.php

At the top of the page are are links to annotated versions of the RFC 
that highlight the relavent sections. RFC 2821 is the significant one:

	http://www.rfc-ignorant.org/rfcs/rfc2821.php#section6.1

The null address is used for automated responses and is recognised by 
servers so as to avoid mail loops. You cannot separate the null sender 
test and the valid address tests, because this could lead to mail loops 
between to call-back testing servers.

Essentially chw.org are misguided in their belief that blocking the null 
address will reduce their spam.  What actually happens is they think the 
world is a happy place since they never see any bounces messages, even 
internal in-house ones. I cannot stress how brain damaged this is to do.

-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ:
7116561         AIM: Sir Wumpus

            "Once...we were here."  - Last of The Mohicans


Lists Index Date Thread Search