[Esd-l] Smart reply
John D. Hardin
jhardin at impsec.org
Sun May 19 10:39:01 PDT 2002
On 17 May 2002, John Hardin wrote:
> 1. extract the domain from the Return-Path: header,
>
> 2. see if that domain appears in any of the Received: headers.
>
> It'll suppress incorrectly for some of the larger ISPs (like people with
> @earthlink.com addresses sending via @earthlink.net servers) but should
> also cut down on the alerts to blatantly forged addresses.
Okay, I have the first cut of this in the devel snapshot (1.135pre6).
1) If a Return-Path: header does not exist, NOTIFY_SENDER is disabled.
This means you should verify your MTA is generating a Return-Path:
header.
2) If the message appears to have come in from a mailing list, then
NOTIFY_SENDER is disabled.
3) If the domain in the Return-Path header is not supported by the
domains in the Received: chain, NOTIFY_SENDER is disabled.
4) To prevent the above processing, define the variable
SECURITY_DISABLE_SMART_REPLY to any value.
Comments are solicited.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org pgpk -a jhardin at impsec.org
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
"To disable the Internet to save EMI and Disney is the moral
equivalent of burning down the library of Alexandria to ensure the
livelihood of monastic scribes."
-- John Ippolito of the Guggenheim
-----------------------------------------------------------------------
898 days until the Presidential Election
More information about the esd-l
mailing list