Loading ...
Sorry, an error occurred while loading the content.

Re: Best way to handle a Delivered-To exploit??

Expand Messages
  • Wietse Venema
    Thomas Harold: [ Charset ISO-8859-1 unsupported, converting... ] ... First, there is no need block Delivered-To: addresses with remote domain names. Second,
    Message 1 of 6 , Jun 21, 2013
    • 0 Attachment
      Thomas Harold:
      [ Charset ISO-8859-1 unsupported, converting... ]
      > On 11/6/2012 12:08 AM, David Rees wrote:
      > > On Sun, Nov 4, 2012 at 6:45 PM, Brian Schang <postfix@...> wrote:
      > >> In the past week, my server has accepted dozens of emails that were not
      > >> deliverable. In all cases the issue has been a mail forwarding loop
      > >> which resulted in the email bouncing. Given that my configuration has
      > >> not changed in many months, I was puzzled. However, a little research
      > >> led me to look into a Delivered-To exploit. I looked at a few of the
      > >> messages in the queue (postcat), and sure enough those messages had a
      > >> Delivered-To header line.
      > >
      > > FWIW, I've been seeing the same thing here. First one I saw was on Oct
      > > 23, but seems to be increasing in frequency.
      > >
      >
      > Any suggestions on how to handle this in postfix? We're starting to see
      > this with some frequency as well.
      >
      > The only solution that I've stumbled across in my web searches is
      > documented at:
      >
      > http://forum.spamcop.net/forums/index.php?showtopic=10734
      >
      > They suggest a "header_checks" of type "pcre" with the following content
      > in the file:
      >
      > /^Delivered-To: .*/
      > REJECT Header Exploit

      First, there is no need block Delivered-To: addresses with remote
      domain names.

      Second, blocking local Delivered-To: addresses this way would suffer
      from false positive when multiple users have the same email domain.

      To avoid those false positives one would have to compare each
      envelope recipient address against each Delivered-To: address in
      the message header.

      Wietse
    Your message has been successfully submitted and would be delivered to recipients shortly.