Re: [Exim] local_scan(), content-scanning, multiple recipien…

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Alan J. Flavell
Ημερομηνία:  
Προς: David Woodhouse
Υ/ο: Exim users list
Αντικείμενο: Re: [Exim] local_scan(), content-scanning, multiple recipients and bounces
On Fri, 7 Feb 2003, David Woodhouse wrote:

> I agree to a large extent. However, the reason we do spam-blocking at
> SMTP receive time is to avoid being lumbered with the requirement to
> bounce the message, given a probably unreachable return address.


Or worse, "successfully" bouncing it to some innocent third party
whose address had been counterfeited as sender by the spammer.

The "unreachable return address" case is harmless, aside from the need
to housekeep the garbage. But "collateral spam" is a real and
increasing nuisance as far as I can see, and would be my chief motive
for wanting to reject at SMTP time (if we weren't already doing so,
which we are, thanks to the wonderful features of exim v4).

Anyway, return addresses can also be sanity-checked at SMTP time (plus
in our case we also have a locally-configured list of domains for
which we try a callback on the envelope-sender): although this isn't
always feasible or successful, it does seem to keep the number of
undeliverable bounces manageably low.

The informal criteria for putting a domain into that callback list are
1. the domain is noticeable as being one which spammers are
counterfeiting and 2. the MTA for the domain does positively reject
invalid addresses. Now I have to admit, as has been discussed here
before, that this strategy is likely to motivate spammers towards
counterfeiting valid addresses rather than invalid ones, thus adding
to the tide of collateral spam, but nevertheless on the small scale I
think we get overall benefit from it, and on the wider scale I suspect
there's going to have to be some major reworking of email procedures
before we get much older anyway, or email will rate to become
unusable.