Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Wietse Venema (wietseporcupine.org)
Date: Thu Apr 17 2008 - 08:25:09 CDT
> > There is no magic bullet. Solutions like SRS and BATV depend on
> > RFC-compliant behavior of remote MTAs (send mail from<> to envelope
> > sender address). Other solutions have other limitations, and what
> > works best is often a combination.
> Hmm, so what I hadn't considered is mailers that send bounces to the
> wrong address. What do they use then? The 'From:' address or something
> even more zany? Do you know what MTAs do this?
Autoresponders that send to the From: or Reply-To: address (out of
office, challenge-response), antivirus software that sends "virus
in mail from you" notifications, and other software that does not
have a notion of what an envelope sender address is. The relative
proportion of these seems to be getting smaller, at least in my
own tiny corner of the Internet.
> If they're not all that
> common then it would probably be a worthwhile trade-off for us as
> we're unlikely to find legitimate bounces in the flood currently
> anyway. Personally I'd like to drop mail from them out of spite, but
> that's the frustration talking (we've had basically no spam get
> through the filter for ages until a couple of weeks ago, when the
> backscatter shot up, and today we've been absolutely inundated).
In many cases, backscatter comes from well-behaved MTAs that leave
enough of the original message headers intact, so that forgeries
can be recognized and rejected before mail hits the Postfix queue.