[Pymilter] pysrs - Preventing SRS if "From" address is local
Stuart D Gathman
stuart at gathman.org
Tue Aug 15 17:54:42 EDT 2023
On Mon, 14 Aug 2023, fleece at compuserve.com wrote:
>> # sign these domains using SRS in signing mode to prevent forged bounces
>> sign = bob.net
Is this what you are complaining about?
> Note: In same log lines below you can see the problem from my outgoing email (sam at bob.net) sent from my internal mail server and local domain...
>
>> 2023Aug14 10:52:53 make_srs gmail.com.▒sam<@bob.net.>
>> 2023Aug14 10:52:53 h = gmail.com.
>> 2023Aug14 10:52:53 OK SRS0=redct=D7==sam<@bob.net.>
This is what the sign= config calls for. The purpose is to detect
"bounce spam" where someone sends
========================
MAIL FROM: <>
RCPT TO: <sam at bob.net>
DATA
Subject: problem with your account
There is a problem with your mail account. Please goto
https://scam.biz/recovery
and enter all the info we need to control your online accounts.
Thank you
======================
That would be immediately rejected as it lacks the mail from
signature.
If the signed mail from is a problem (usually because of some buggy
recipient), just remove bob.net from sign= (or add that buggy
recipient to the exception list).
More information about the Pymilter
mailing list