Date: 2005-08-03 09:46:57 -0400
Subject: [DYNDNS] Re: Re: [DYNDNS] Re: Re: sender question
More information..: http://www.milter.info/#Support
>From: cc <firstname.lastname@example.org>
>>Here's a block of pseudocode that might better elucidate what I was trying to
>>RECV_COUNT = get_number_of_received_headers();
>>if (RECV_COUNT == 0)
>> * Assume my Received header has not yet been attached.
>> * Otherwise, we'd also have to check the first (most recent) header
>> * to see if it's ours
>Please correct me if I'm wrong, but as far as I know, the current mail
>server's Recevied message won't be attached to the mail until the email
>passes all the milters.
That IS my recollection as well. However, I wanted to make my thoughts as
explicit as possible in the pseudocode, so I felt it best to at least account
for the possibility in the comments. Also, is it not possible that a previous
milter COULD have added a 'faked' Received header for some purpose? Like, to be
compatible with SpamAssassin as Anthony mentioned remembering that he had to
>> if ( client_has_smtp_auth() )
>> else if ( client_in_relay_domains() )
>> else /* some random computer is connecting to me directly */
> I wouldn't do a wholesale reject,
I can see arguments for doing both. Ideally, I'd like to be able to pass an
option to the milter to tell it whether to reject, drop, or just tag the message
if it hits.
>but this part certainly requires a lot more
>direct spam vs. direct mail from friends (who happens to have dyndns
Right. In this block, the thinking is that any email sent by a properly
behaving mail client will be touched by a MINIMUM of one other mail server
before it gets to mine, UNLESS they are explicitly allowed to send to my server
directly. (either by authenticating with sendmail or PopBeforeSMTP, or by the
host being listed in the /etc/mail/relay-domains file)
Since it's possible that the mail client program is running on the same machine
as the mail server (e.g.: status emails from daemons running on the mailserver)
you would have to allow for the possibility that both the "from" and
machines in a Received header be identical... But there should still be a
minimum of one Received line before it gets to my server.
>> * I am not the first mailserver / relay to touch this message.
>> * this block COULD get ugly, depending on exactly what you want it to do.
>> * I'd actually be happy just with what's above
>I get the feeling that it will get ugly. Unless you limit the level of
>checking to say 2-3. I mean, after 3 received headers, I think it
>apparent as to whether the mail is legit or not. Of course, it's
>Possibly a good configuration option, I would say.
Agreed. In my experience, if there are forged Received: headers, it's aparent
after looking only at the first 1-2 (not including the line for receipt by my
>>Once you encounter a private IP, all bets are off. If that happens, your best
>>bet is to pass the message and let the other milters decide what to do with
>True. I think if it goes to this stage, it'll have to go through a
>since the headers check won't come up with anything.
Copyright 2009, 2012 by SnertSoft. All rights reserved.