> > A bounce should *always* include a MIME attachment of type > > message/rfc822-headers which contains the full headers from the original > > mail. This makes it relatively easy to check on the receiving side if the > > original "Received: from" headers are valid, and simply drop bounces that > > relate to messages that were originally sent with forged headers. > Outstanding idea. If you (or anyone else on the list) already have a > tested procmail recipe for this, please share. If not, let's make one > and share it around... Done that: http://volker.dnsalias.net/soft/procmail/virusnotification.rc As a quick guess, the received: recipe catches 1/2 - 2/3 of all responses from those idiots, though I'm not recording exactly which recipe triggers because I don't care which rubbish it is. Anything can be improved, of course. Volker -- Volker Kuhlmann is possibly list0570 with the domain in header http://volker.dnsalias.net/ Please do not CC list postings to me.
