replies with SRS0, PRVS, BTV1 are screwing up autosender whitelisting - ORF Forums

replies with SRS0, PRVS, BTV1 are screwing up autosender whitelisting RSS Back to forum

1

Anyone else get annoyed with this?

these people are using ironport antispam or something so that when you email them eg; , gets added to the auto sender whitelist. but the reply originates from prvs= which then gets block by some other rule in your whitelist. then you need to add prvs=* to your whitelist senders manually.

I've tried adding prvs=*@*.com to my whitelist. to my horror. some marketing company was also using this system and flooded my users.

suggestions? right now I just have to check for the false positives and manually add the prvs=*@domain.com

by christopher.low 4 years ago
2

@christopher.low: The tags on the email address you mentioned belong to SRS (Sender Rewriting Scheme, a non-standardized extension to SPF https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme) and Bounce Address Tag Validation (BATV, see https://en.wikipedia.org/wiki/Bounce_Address_Tag_Validation), a backscatter protection scheme.

Unfortunately, ORF does not handle either natively, so the Auto Sender Whitelist will not work for emails from these senders.

by Péter Karsai (Vamsoft) 4 years ago
(in reply to this post)

3

is it possible (in future versions) for ORF to strip the additions from the sender address and then compare that against the aswl/address whitelists?

by christopher.low 4 years ago
4

@christopher.low: We have considered this in the past and identified many issues with this approach from logging questions (e.g. difficulties cross-referencing Exchange/transport logs, etc.) to the very challenge that neither SRS, nor BATV are RFC standards, so there is no authority that would declare that these email addresses are in a certain format and no other email addresses will use this format (e.g. VERP envelope addresses). This is nicely illustrated by the BTV1 prefix, which is Barracuda's own prefix for its own variant of bounce suppression. All things considered, we have turned down the idea until BATV or SRS become well-defined, standardized approaches.

by Péter Karsai (Vamsoft) 4 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2