replies with SRS0, PRVS, BTV1 are screwing up autosender whitelisting RSS


Anyone else get annoyed with this?

these people are using ironport antispam or something so that when you email them eg; , gets added to the auto sender whitelist. but the reply originates from prvs= which then gets block by some other rule in your whitelist. then you need to add prvs=* to your whitelist senders manually.

I've tried adding prvs=*@*.com to my whitelist. to my horror. some marketing company was also using this system and flooded my users.

suggestions? right now I just have to check for the false positives and manually add the prvs=*

by christopher.low 3 years ago

@christopher.low: The tags on the email address you mentioned belong to SRS (Sender Rewriting Scheme, a non-standardized extension to SPF and Bounce Address Tag Validation (BATV, see, a backscatter protection scheme.

Unfortunately, ORF does not handle either natively, so the Auto Sender Whitelist will not work for emails from these senders.

by Péter Karsai (Vamsoft) 3 years ago
(in reply to this post)


is it possible (in future versions) for ORF to strip the additions from the sender address and then compare that against the aswl/address whitelists?

by christopher.low 3 years ago

@christopher.low: We have considered this in the past and identified many issues with this approach from logging questions (e.g. difficulties cross-referencing Exchange/transport logs, etc.) to the very challenge that neither SRS, nor BATV are RFC standards, so there is no authority that would declare that these email addresses are in a certain format and no other email addresses will use this format (e.g. VERP envelope addresses). This is nicely illustrated by the BTV1 prefix, which is Barracuda's own prefix for its own variant of bounce suppression. All things considered, we have turned down the idea until BATV or SRS become well-defined, standardized approaches.

by Péter Karsai (Vamsoft) 3 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

Email address (will not be published):
Your comment:

ORF Technical Support

Configuring, installing and troubleshooting ORF.

News & Announcements

Your dose of ORF-related news and announcements.

Everything but ORF

Discuss Exchange and system administration with fellow admins.

Feature Test Program

Feature Test Program discussion. Membership is required to visit this forum.

ORF Beta

Join the great bug hunt of the latest test release.

Customer Service

Stay Informed