At Thu, 30 Nov 2006 10:18:59 +0100, Phil Pennock wrote: > > On 2006-11-29 at 16:49 -0500, Greg A. Woods wrote: > > BTW, this whole idea of generating new mail from SIEVE is bogus. The > > local mail service should NEVER EVER IN A MILLION YEARS ever generate > > new messages in response to incoming mail (think backscatter, unless if > > it had the kind of once-per-week protection built into the much older > > unix vacation(1)). > > draft-ietf-sieve-vacation-06.txt > > I've not checked Cyrus 2.2.x, but certainly 2.3.7 supports the :days > parameter described in section 4.1 of that draft. See > sieve/sieve.y:canon_vtags() which sets the default time period and > imap/lmtp_sieve.c:autorespond() which does the already-responded safety > checks. Yes thanks I thought I'd seen something like that for the sieve "vacation" action. Unfortunately it doesn't curb backscatter from "reject". Last time I was monitoring a site suffering a backscatter attack a noticable (though still not actually huge) portion of the junk was coming from Cyrus SIEVE scripts. Now with all the local delivery done via LMTP there's really no reason why "reject" can't just send a nicely formatted and informational multi-line LMTP error response with the text from the script. Of course it would be much better just to not offer "reject" to users in the first place. That kind of filtering should be done on the front-end MX servers so that the MTA won't get stuck generating a bounce either. If you don't want it then delete it, but don't ever send it back to a (likely) forged sender address! -- Greg A. Woods H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods@xxxxxxxxxxx> Planix, Inc. <woods@xxxxxxxxxx> Secrets of the Weird <woods@xxxxxxxxx> ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
