Greylisting never permits from=<>

Philip Hachey PHachey@city.cornwall.on.ca
Wed Nov 9 16:11:21 UTC 2005


Apparently, I was mistaken.  Looking further back in the sendmail logs, I 
can see where "from=<>" from other servers were embargoed once, and let 
through a second time.  I'm not sure why some messages are perpetually 
embargoed, despite that their msgid and sending relay are the same every 
time -- perhaps the sending server is adding headers each time, causing 
the checksum to change?





Philip Hachey
2005-11-09 10:40

 
        To:     dcc@rhyolite.com
        cc: 
        Subject:        Greylisting never permits from=<>

I've discovered a problem with dccm greylisting: messages with env_from's 
of <> (which are completely valid -- return receipts, etc.) are never 
learned and perpetually embargoed.  Ideally, this would be handled by dccm 
and dccd as a triple (env_from=NULL,env_to=<receiver's 
address>,relay=<sender IP>) but, apparently, this doesn't happen.  To work 
around this, I put in my grey_whitelist the line "ok   env_from   <>", but 
this obviously opens an easily exploited hole in greylisting as even never 
before seen sender IP addresses would get through if the env_from is null 
-- a common practice by spammers.

----------------------------------
Philip J. Hachey, BCS(High Hons)
Programmer-Analyst
City of Cornwall





More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.