Author: Kevin P. Fleming Date: To: Exim users list Subject: [Exim] OT: Venting at how much Exchange Server sucks :-)
Ignore this if you want... gotta speak my mind though.
I manage network/email/internet/etc. stuff for a few clients. Most of
them are using Linux servers with Exim and Cyrus for email; works a treat.
One of them is using Exchange Server; for now I can't change that. I did
have to upgrade them from from 5.5 to 2000, and I was hoping that the
upgrade would solve some of the existing problems. Well, it helped a
little, and made others worse.
You see, Microsoft has this "stated policy" that Exchange Server _will
not_ verify local parts on incoming SMTP mail during the SMTP
transaction. Supposedly this is to "protect" us from extra CPU usage for
the LDAP lookups or something. What it means, of course, is that
Exchange Server accepts mail for any local part for any domain it is
serving, even dictionary attacks and other cruft. It then queues them up
for delivery, but of course it can't deliver them because the local part
is invalid so it wants to generate an NDR.
This may have been reasonable behavior in 1998/9 when this product was
being developed; today it is absolutely ridiculous. The prevalence of
forged/invalid sender spam/viruses means that the Exchange Server
"badmail" directory (equivalent of frozen messages in Exim land) just
fills up constantly, even for a small site, and the server generates
"collateral spam" for forged senders that are deliverable. I have no
idea how sites with large email volumes handle this problem, it's just
insane.
And now back to your regularly scheduled programming <G>