Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. SRS
greylisting and MAIL FROM signing
stuart at bmsi
Aug 16, 2005, 12:23 PM
Post #1 of 5 (5860 views)
Permalink
I have run into a sort of impedance mismatch between MAIL FROM signing and
greylisting.

1. I send a message with signed MAIL FROM (old SES)
2. recipient rejects with 450 - try again in 300 minutes
3. sendmail tries again, but the timecode has changed, and so
the recipients greylisting software thinks I'm a new sender.
4. go back to step 2

One solution would be to bind the MAIL FROM to the message somehow
when deferring due to 450. But how to do that with sendmail? I
am signing MAIL FROM via a socket map - which is called on each attempt.
How would I recognize that it is the same message? How could I get
sendmail to keep the new MAIL FROM?

A real klugy solution would be to relay through another server - that's
one way of making the MAIL FROM persistent...

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
Re: greylisting and MAIL FROM signing [ In reply to ]
dwmw2 at infradead
Aug 16, 2005, 12:31 PM
Post #2 of 5 (5591 views)
Permalink
On Tue, 2005-08-16 at 15:23 -0400, Stuart D. Gathman wrote:
> I have run into a sort of impedance mismatch between MAIL FROM signing and
> greylisting.
>
> 1. I send a message with signed MAIL FROM (old SES)
> 2. recipient rejects with 450 - try again in 300 minutes
> 3. sendmail tries again, but the timecode has changed, and so
> the recipients greylisting software thinks I'm a new sender.
> 4. go back to step 2

Reduce the precision of your timecode.

--
dwmw2

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
Re: greylisting and MAIL FROM signing [ In reply to ]
stuart at bmsi
Aug 16, 2005, 1:21 PM
Post #3 of 5 (5630 views)
Permalink
On Tue, 16 Aug 2005, David Woodhouse wrote:

> On Tue, 2005-08-16 at 15:23 -0400, Stuart D. Gathman wrote:
> > I have run into a sort of impedance mismatch between MAIL FROM signing and
> > greylisting.
> >
> > 1. I send a message with signed MAIL FROM (old SES)
> > 2. recipient rejects with 450 - try again in 300 minutes
> > 3. sendmail tries again, but the timecode has changed, and so
> > the recipients greylisting software thinks I'm a new sender.
> > 4. go back to step 2
>
> Reduce the precision of your timecode.

I thought of that after posting. It doesn't help. Old SES also increments
a sequence number for each outgoing message. There really needs to be
a way for sendmail cf to recognize when we are retrying a deferred
message. There probably is - sendmail cf isn't exactly the most
clear and explicit language in the world...

I might need to go back to SRS signing.

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
Re: greylisting and MAIL FROM signing [ In reply to ]
stpeters at NetHeaven
Aug 16, 2005, 1:36 PM
Post #4 of 5 (5607 views)
Permalink
Stuart D. Gathman writes:
> I have run into a sort of impedance mismatch between MAIL FROM signing and
> greylisting.
>
> 1. I send a message with signed MAIL FROM (old SES)
> 2. recipient rejects with 450 - try again in 300 minutes
> 3. sendmail tries again, but the timecode has changed, and so
> the recipients greylisting software thinks I'm a new sender.
> 4. go back to step 2
>
> One solution would be to bind the MAIL FROM to the message somehow
> when deferring due to 450. But how to do that with sendmail?

Rename EnvFromSMTP to something like OrigEnvFromSMTP and define a new
EnvFromSMTP that returns the value of a new macro, say MailFrom. Then
assign OrigEnvFromSMTP's output to MailFrom and declare MailFrom to be
a persistent macro. Something like this - *completely untested*:

C{persistentMacros} {MailFrom}
...
R$* $: $(macro {MailFrom} $@ $>OrigEnvFromSMTP $&f $) $1
...
SEnvFromSMTP
R$* $@ $&{MailFrom}

I'd be really surprised if I got the details right, but I think the
basic idea should work.

--
Dick St.Peters, stpeters@NetHeaven.com

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
Re: greylisting and MAIL FROM signing [ In reply to ]
davidnicol at gmail
Aug 16, 2005, 4:20 PM
Post #5 of 5 (5614 views)
Permalink
On 8/16/05, Stuart D. Gathman <stuart@bmsi.com> wrote:
> A real klugy solution would be to relay through another server - that's
> one way of making the MAIL FROM persistent...

IMO that sounds like a winner. Create a new local IP address, say 127.25.25.25,
tell sendmail that's your smarthost, and run a qmail instance that listens
only on 127.25.25.25 and relays out.


--
David L Nicol
The original republican:
http://cronos.advenge.com/pc/Honest_Abe

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal