(Some prior specialist experience needed hence high points.)
Hi,
First a bit of background :
We setup a Majordomo list, which repeatedly looped inexplicably. More investigation revealed that the list was actually being sent to multiply, but that this send was only occuring from the 'real' sender the first time. After that the sender's address was being forged by another machine, on a different IP address. More tracking reveals this server is probably making a hash up of replying with a bounce ... Basically it seems to reply 'FROM' the original sender, 'TO' the original receiver address. Net result is that the message goes back to the list...
To give a real (obscured) example :-
joe.smith@frodo.com sends a message to list@frodo.com.
List expanded. Lots of emails generated. One of which goes to harry@hogwarts.com.
Unfortuntely it looks like harry@hogwarts.com doesn't exist on hogwarts.com's server.
The server sends a response. But not a 'normal' response. This response appears to from FROM joe.smith@frodo.com and TO list@frodo.com and is sent by hogwarts.com's mailserver , causing another message to go out to the list. (ad infinitum).
Anyway, to satisfy my curiosity, has anyone ever seen this type of behaviour before from a box running :
ESMTP MAIL Service, Version: 5.0.2195.5329
(i've just smtp'd into it and had a look).
OR any other MTA? I can't believe we're the only bods to notice this phenomenon. Our solution is to stop all authorised addresses sending to the list. Require a 'specific authorisation' per message that goes out. The first will obviously get authorisation, all future messages will not.
???
AJPB
Start Free Trial
