[milters] Archive

Lists Index Date Thread Search

Article: 1012
From: Grant Taylor
Date: 2006-07-10 02:19:53 -0400
Subject: Milter-Null and / or SRS filtering...

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support

I would like to take a moment to engage peoples thoughts and opinions on the pros and cons
of Milter-Null verses Sender Rewriting Scheme, a.k.a. SRS  As I understand it, both
Milter-Null and SRS filtering provide / fulfill the same goal of filtering out bogus
Delivery Status Notifications messages.  As I write this I'm not sure if SRS Filtering
will filter out bogus Message Disposition Notification messages or not, though I suspect
that it would.  Each does this filtering in vastly different ways.  Both of which could be
used on the same system though SRS Filtering would prevent Milter-Null from ever rejecting
messages because as I understand it SRS Filtering will happen before Milter-Null enters
the picture.  I suppose that it is possible that a message that is spoofed could pass out
the server that is doing the SRS rewriting, however it would also pass through
Milter-Null, so both will miss this message.

As a quick reminder for me to get things straight in my head and as a reminder for those
who have had to deal with many users sense reading about SRS, a quick refresher.  Sender
Rewriting Scheme works by rewriting the SMTP Mail From: address to an SRS
""encoded (if you will) form there of.  Namely if I send a message out as
"MAIL FROM:<gtaylor (at) riverviewtech (dot) net>" (correct formatting of
course) the actual mail from command during the SMTP Transaction would be something more
like this "MAIL
FROM:<SRS0+<hash>+gtaylor=riverviewtech.net@riverviewtech.net>".  Please
forgive me as I do not remember the exact format of the SRS signed email address, however
it does not matter for this discussion.  Now, you may be thinking that this sender
rewriting scheme does a lot of work for some unknown reason.  However, recall if you will,
that DSNs, and MDNs (?), are suppose to be returned to the SMTP Mail From email address,
not the 822 From: header.  This means that if a legitimate 
DSN comes in to a recipient on the server it will be coming back to the SMTP Mail From
email address of
"<SRS0+<hash>+gtaylor=riverviewtech.net@riverviewtech.net>".  Again,
this may seem more convoluted than it needs to be.  Barring in mind that legitimate DSNs
will come back to the sender rewritten scheme email address we can safely assume that any
DSN that comes in to a recipient that is not SRS rewritten that the message did not
originate from our server and thus presumably not valid.  This also presumes that any and
all legitimate messages for my domain will be SRS rewritten, which I can ensure.  So we
have a method that we can easily filter out legitimate DSNs from illegitimate ones.

Now, as I understand it, Milter-Null accomplishes a very similar goal of being able to
identify valid DSNs and MDNs by the identification of a hash in the headers of the
original message.  However, if you will note in section 2 (page 7) of RFC 3464 that talks
about the parts of a DSN, the final part of the DSN that would either be the
"message/rfc822" message or "text/rfc822-headers" *IF* any of the
message is *OPTIONALLY* returned.  As I understand RFC 3464, the 3rd part of the DSN that
would contain the X-Milter-Null hash is optional, and thus may not be included.  Will
someone please correct me if I'm wrong.  However, MOST MTAs out there will include it, but
not all.

There is another side feature of SRS rewriting in that messages that are received from a
domain that employs Sender Policy Framework by a local recipient and then forwarded on to
another recipient somewhere else on the net, the message will not leave the local server
as the SPF protected domain, but rather the local domain thus safe from SPF filtering.

Before I go any further I'd like to take a moment to complement Anthony on all of his fine
work.  Anthony, your milters alone have GREATLY cut down on the amount of spam that comes
in to my servers so much so that I have been touting your milters any where and everywhere
that I can.  So PLEASE do not take this as me trying to undermine your work.

I would like to hear some feedback / thoughts / opinions on Milter-Null and / or SPF
Filtering as various methods to help prevent bogus DSNs / MDNs.  I would love for someone
else to shine a light on something that I have missed, so please do.  The "hash"
in SRS rewritten email addresses is an administratively defined length hash that
encompasses the date / time that a message was sent out as well as a password to (help)
prevent someone from spoofing the SRS address.

Thank you,

Grant. . . .

Lists Index Date Thread Search