[Esd-l] problem with SECURITY_NOTIFY_SENDER
John D. Hardin
jhardin at impsec.org
Mon Feb 21 08:37:54 PST 2005
On Mon, 21 Feb 2005, [iso-8859-2] Mgr. Michal Nikitinsk} wrote:
> o.ou --- yes! I tested it and you are true. When the domain of
> source server is the same as domain in return address, the
> notification works like magic.
>
> But I think that it isn't too good feature. Many people have
> mailboxes at hosting-servers and that's why they can't fulfil this
> requirment :o(
>
> Is there any way to switch off this feature?
There is. Please see the configuration page about
SECURITY_DISABLE_SMART_REPLY.
Be aware that this will greatly increase the number of notifications
you send to forged sender addresses, and may get you a lot of hate
mail and possibly even get you blacklisted.
I suggest that you use this option dynamically - in other words, use
procmail rules to look at the From address and only disable smart
reply if the message is coming from (or claiming to come from) those
domains which you host; perhaps something like:
:0
^From: .*@(hosteddom1\.com|hosteddom2\.com|hosteddom3\.com|etc.)
{
SECURITY_DISABLE_SMART_REPLY=Y
}
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org FALaholic #11174 pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
What nuts do with guns is terrible, certainly. But what evil or crazy
people do with *anything* is not a valid argument for banning that item.
-- John C. Randolph <jcr at idiom.com>
-----------------------------------------------------------------------
More information about the esd-l
mailing list