Autor: Arthur Hagen Datum: To: exim-users CC: lista_exim Betreff: Re: [exim] How to send bounce messages just after error
On Mon, 2007-03-05 at 12:10 +0100, lista_exim@??? wrote: > No, I don't want to use
>
> verify = recipient
>
> because it needs an extra search in my LDAP (my accounts are in LDAP), and
> I don't want to reject the mails at RCPT time.
>
> I want to receive the message, then send a bounce message to the original
> sender (with the original message attached to it), and that Exim doesn't
> send the original message to the queue.
Fifteen years ago, this was a good idea. Today, it isn't. If you've
ever been Joe-jobbed, you'll know why. If not, welcome to the Internet,
I hope you'll like it.
If the recipient doesn't exist, it's an almost certainty that the sender
of the email is *not* the real sender.
Spammers take a /legitimate/ email address belonging to someone else and
put it in the envelope sender field, and fire off the spam to hundreds
of thousands recipients who may or may not exist. Those who bounce the
mail they way you want to will then send an email to the innocent who
happens to have the sender e-mail address the spammer forged. He then
gets thousands of bounces within a short period of time, and the bounces
will continue to trickle in for weeks.
By implementing what you describe, you're only helping to hammer
innocent people's mailboxes. Please don't.