Loading ...
Sorry, an error occurred while loading the content.

291358Re: Null sender address in NDR's

Expand Messages
  • Viktor Dukhovni
    Feb 14, 2013
    • 0 Attachment
      On Thu, Feb 14, 2013 at 03:36:11PM +0000, James Day wrote:

      > > > Is there a sensible way to configure postfix to allow these messages
      > > > with null sender addresses to be relayed without opening the smart
      > > > host up to exploitation?
      > >
      > > Sending bounces is not "exploitation", but the "smart host" (really
      > > submission service) policy is up to the ISP. Ask them.
      > I wasn't trying to suggest that sending bounces would be
      > exploitation, rather that allowing *all* messages with a NULL sender
      > to relayed through could potentially be exploited to send spam as <>

      This has nothing to do with spam. One can just as easily send spam
      as <malory@...> as one can as <>. The ISP can equally easily
      track it down, since the Received: headers will contain the offending
      IP address.

      The real issue is that the ISP offering a consumer-grade submission
      service for MUAs, not a relay service for MTAs. Their rate limit
      policies may be based on sender domains, rather than client IP
      addresses (ideally they should really use the SASL login name).

      Perhaps a business-grade service offering from the same ISP
      (typically at a higher price-point) offers ISP support, or a
      static sending IP not listed in the PBL (in which case simply
      send direct and don't use the ISP relay).

      > > > And before anyone comments, yes I know this isn't best practice as
      > > > NDR's should have null sender addresses to stop loops (bouncing
      > > > bounce-backs!).
      > >
      > > Not "should", MUST. Not "isn't best practice", rather prohibited.
      > I understand and agree however in my experience you sometimes
      > have to fudge things so they operate with incorrectly configured
      > systems (against my own wishes!)

      Not in this case, sending NDRs with a non-null envelope sender
      address is a fundamental violation of the robustness requirements
      of SMTP. This goes beyond working-around misconfiguration to flagrant
      violation of a basic design requirement that prevents congestive
      collapse of the mail system.

    • Show all 13 messages in this topic