On 27 Jun 2005 at 18:07, Mark Smith wrote about
"RE: [exim] Supressing bounce messag":
|...
| (I wrote:)
| > OK, then how about addressing the problem at its source? You
| > shouldn't be generating bounces to external senders in the
| > first place. Undeliverable mail should be rejected at SMTP time.
|
| We don't generate bounces to external senders, only local senders, and we
| only do that because some MUAs don't cope well with rejections at SMTP time.
Right. Good.
| The situation I'm trying to address is the unlikely event that someone on
| our system (a local user or a hacker) starts Joe-Jobbing somebody. We don't
| want to send misdirected bounces to the addresses that are being spoofed.
But if all the hacker's victim addresses are valid, that's OK? ;)
Can you prohibit spoofed senders (at least spoofed external senders)
instead?
- Fred
