> On 27 Jun 2005 at 15:17, Mark Smith wrote about
> "RE: [exim] Supressing bounce messag":
>
> | > >> Is there any way to specify that bounce messages
> should only be
> | > >> sent to e.g. +local_domains?
> | >
> | > A router like this, placed before your dnslookup router,
> should do it:
> |...
> | Thanks. Unfortunately that will also break other DSNs, such
> as "Read"
> | notifications.
>
> OK, then how about addressing the problem at its source? You
> shouldn't be generating bounces to external senders in the
> first place. Undeliverable mail should be rejected at SMTP time.
We don't generate bounces to external senders, only local senders, and we
only do that because some MUAs don't cope well with rejections at SMTP time.
The situation I'm trying to address is the unlikely event that someone on
our system (a local user or a hacker) starts Joe-Jobbing somebody. We don't
want to send misdirected bounces to the addresses that are being spoofed.
- Mark
