Dealing with forged return addresses hitting my domains?

Hans Fugal hans at fugal.net
Fri Apr 21 09:37:36 MDT 2006


On Fri, 21 Apr 2006 at 09:33 -0600, Kimball Larsen wrote:
> 
> On Apr 21, 2006, at 9:19 AM, Michael Halcrow wrote:
> 
> >On Fri, Apr 21, 2006 at 09:18:31AM -0600, Kimball Larsen wrote:
> >>This being said, should I simply configure my mail server to send
> >>all these sorts of messages to /dev/null?  What implications arise
> >>from doing that?  Will my domain wind up blacklisted as a spammer if
> >>I simply bury my head in the sand and ignore the problem?
> >
> >It's not your problem. Any service that blacklists your domain based
> >on forged email headers is broken, and any mail servers that
> >drop/bounce messages based on data from broken blacklist services are
> >also broken. Hence, it's their problem.
> 
> 
> So perhaps a better approach for me would be to redirect all bounced  
> messages to some bounced account, and periodically review that  
> account's contents to find any legitimate bounces.
> 
> I just wish there was an automated way to do this that did not  
> require manual intervention.

Well, you have knowledge about your domain that would make identifying
good bounces fairly simple: just look at the headers and search for your
IP addresses.

Someone implied that SPF or DK wouldn't help. That's not entirely true,
they will help when the recipient supports them, but not otherwise. If
the recipient does support SPF but you don't publish SPF records, then
they have no information to go on. 

I was convinced once upon a time not to use SPF. I don't now remember
what those reasons were, but I do remember being convinced. :)

-- 
Hans Fugal ; http://hans.fugal.net
 
There's nothing remarkable about it. All one has to do is hit the 
right keys at the right time and the instrument plays itself.
    -- Johann Sebastian Bach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://plug.org/pipermail/plug/attachments/20060421/6a7f542d/attachment.bin 


More information about the PLUG mailing list