Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Thread

Empty from field

Empty from field

2007-07-08 by Techwolf

Hi all.

I just got flooded with a lot of mail to some domains. All the mail got though 
greylist due to non-listed rbl ips. However, I did notice all the mail 
had "from=<>" in the sendmail logs. Is there a way to acl a rule to detect an 
empty from field? The docs don't show an example or explain how to detect an 
empty field.

Also, all the mail was random to: addresses. One poor user had a wildcarded 
domain and got over a 1000 spams in a day.

Oh, version milter-greylist-3.1.6-1

--Techwolf

Re: [milter-greylist] Empty from field

2007-07-08 by manu@netbsd.org

Techwolf <techwolf@...> wrote:

> I just got flooded with a lot of mail to some domains. All the mail got though
> greylist due to non-listed rbl ips. However, I did notice all the mail
> had "from=<>" in the sendmail logs. Is there a way to acl a rule to detect an
> empty from field? The docs don't show an example or explain how to detect an
> empty field.

A regexp should catch it:
from /^$/

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] Empty from field

2007-07-09 by Matt Kettler

manu@... wrote:
> Techwolf <techwolf@...> wrote:
> 
>> I just got flooded with a lot of mail to some domains. All the mail got though
>> greylist due to non-listed rbl ips. However, I did notice all the mail
>> had "from=<>" in the sendmail logs. Is there a way to acl a rule to detect an
>> empty from field? The docs don't show an example or explain how to detect an
>> empty field.
> 
> A regexp should catch it:
> from /^$/
> 

Just be careful not to blacklist based on it.

The RFC's require that you *MUST* accept the null return-path because it's used
for DSN messages.

You can end up in the rfc-ignorant RBL for rejecting all messages with null
return-path's.

Re: [milter-greylist] Empty from field

2007-07-10 by Techwolf

On Monday 09 July 2007 10:43:10 am Matt Kettler wrote:
> manu@... wrote:
> Just be careful not to blacklist based on it.
>
> The RFC's require that you *MUST* accept the null return-path because it's
> used for DSN messages.
>
> You can end up in the rfc-ignorant RBL for rejecting all messages with null
> return-path's.
>

I don't blacklist. I use scoring type system. RBLs are used to adjust times. 

--Techwolf

Re: [milter-greylist] Empty from field

2007-07-12 by Matthias Scheler

On Mon, Jul 09, 2007 at 11:43:10AM -0400, Matt Kettler wrote:
> You can end up in the rfc-ignorant RBL for rejecting all messages with null
> return-path's.

It would get worse than that.

Postfix (and other MTAs?) also use an empty return-path when they perform
sender address verification. Blocking all such SMTP delivery attempts
would result in the outgoing e-mail to get blocked.

	Kind regards

-- 
Matthias Scheler                                  http://zhadum.org.uk/

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.