[Info-vax] inhibit email with From: <> from being sent
Phillip Helbig---undress to reply
helbig at astro.multiCLOTHESvax.de
Sat Dec 31 08:21:53 EST 2011
In article <9m6ukaFamjU4 at mid.individual.net>, Bob Eager
<news0001 at eager.cx> writes:
> On Fri, 30 Dec 2011 22:23:23 +0000, Phillip Helbig---undress to reply
> wrote:
>
> > In article <9m3ce5F3gnU2 at mid.individual.net>, Bob Eager
> > <news0001 at eager.cx> writes:
> >
> >> > In the log of my SMTP relay server, I occasionally see a record of
> >> > emails sent from the adress "<>", i.e. with an empty From: header. I
> >> > suspect this is some sort of backscatter spam. (In general, a
> >> > combination of RBL and setting Symbiont-Checks-Deliverability: to
> >> > FALSE has stopped most of my spam.) Is there any way to prevent this
> >> > from being sent?
> >>
> >> No, it's a valid thing to do. Read RFC 5321, section 4.5.5 in
> >> particular.
> >>
> >> It is not backscatter spam - in fact, it's almost the opposite.
> >
> > I had a quick glance: delivery-status notification or something like
> > that. But the address is not one I recognize (I have NEVER noticed such
> > an email getting sent to an address I recognize), so I am assuming that
> > while perhaps it SHOULD be generated, maybe someone sent a spam email to
> > a non-existent user (with more than 12 characters, so that my old
> > version of SMTP doesn't just drop it) and this is the automatic response
> > to that. But suppose the From: address is bogus; in that case it would
> > be backscatter spam, right?
>
> Could indeed be. The answer there is to reject it via the From: address
> rather than the <>, which would be dangerous.
Suppose someone sends me an email with a forged From: header. If I
reject it (with <> as the From: header on my side in the notification
mail) and send it to the forged From: header, then I am unwittingly
helping the spammer.
More information about the Info-vax
mailing list