Author: Marc Sherman Date: To: Marilyn Davis CC: exim-users Subject: Re: [exim] Heads up?
Marilyn Davis wrote: >>
>>So now I'm wondering, how is this collateral spam from an error better
>>than the collateral spam from a challenge?
>
> I mean. Errors give collateral spam too, even when they are generated
> at smtp time.
>
> And, putting the challenge on the smtp connection doesn't help
> anything afterall.
Rejecting at SMTP time doesn't necessarily ensure that no collateral
spam will be generated. What it does ensure is that the rejecting mail
server won't be responsible for any collateral spam.
In a real SMTP transaction, server A contacts your server B, and tries
to deliver the message. B rejects it with a 550, so A generates a bounce.
There's three possibilities here:
1) The message was legitimately sent by a user of server A. The bounce
generated by A will be delivered correctly.
2) The message was spam generated by a user of server A, with a bogus
envelope sender. The bounce will be collateral spam, but it will be
correctly traceable to the administrator of server A, who can then
either help get rid of the spammer, or get his server blacklisted.
3) The message was spam which used server A as an open relay. This is
resolved the same as case 2.
The important thing is that your server had nothing to do with the spam,
so it's a good thing that your server doesn't generate a bounce.
In the example you gave, where you submit the original message using
exim -f mike@??? marilyn@??? < /some/file
your server is the originator of the message, so it's correct that your
server generates the bounce, and you get blamed for originating the
collateral spam. It _wasn't_ rejected at SMTP time, because there was
no SMTP transaction for the message submission.
BTW, ignore Fred's messages -- he completely misunderstood the question
you were asking. :)