Author: W B Hacker Date: To: exim users Subject: Re: [exim] DNS list lookup defer (probably timeout)
Kjetil Torgrim Homme wrote: > On Mon, 2007-05-14 at 11:26 +0200, Renaud Allard wrote:
>> Kjetil Torgrim Homme wrote:
>>> it is wrong to block bounces to multiple recipients, since it can
>>> happen. see the archive for some scenarios.
>> Well, it's quite OT here, but I consulted the archives, and I still
>> can't see any reason why a bounce would be sent to multiple recipients
>> at "RCPT TO:" time.
>
> okay, here you go:
>
> system A: your system, accounts alice and bob.
> system B: hosts a mailing list administered by alice and bob
> system C: hosts charlie which is member of the mailing list
>
> if both Alice and Bob are administrators for the mailing list, they may
> receive a bounce from the mailing list host when mail to charlie bounces
> (full quota, left company, etc).
>
> since it's the same bounce, system B is allowed to send the two copies
> of the bounce in the same transaction to system A.
>
> notice your system can not know if any of your users take part in such a
> setup.
>
> (some mailing lists systems will change the envelope sender so the
> bounce is no longer a bounce when sent to administrators, but this has
> its own problems.)
"Tilt"
With all due respect, MLM-triggered 'bounces' are a special case, and nearly
always addressed differently than 'vanilla' bounces to 'postmaster'.
In fact, the above description is not even *close* to how Ecartis, to name just
one MLM, prepares for them or handles them when they arrive.
Several of our servers are configured to intercept bounces to:
postmaster : abuse : hostmaster if they have multiple recipients.
And do so very effectively.
None of these acl's interfere with bounces to the MLM.
In the first place, the MLM specifies its own bounces-to & other addresses, i.e.
NOT 'postmaster'.
A very large number of remote systems of many races and creeds respect that.
Do 100% of them do so? Pass.
But lost or rejected attempts are not a significant problem. Quite rare.
In the second place, the MLM does its OWN expansion - from a *single* incoming
- to multiple folks with the SUPERADMIN, ADMIN, or CCERRORS flag set. To Exim,
these are now outbound messages, as most such foks have remote addresses.
To the MTA of the addresee, they no longer look like 'bounces', but rather an
ordinary, user-specific message which happens to encapsulate a verbatim bounce
plus commentary. Might still hit a nerve with a content-scanner, but not an acl
or equivalent.
It has been several years, but IIRC, MailMan and others are not greatly
different, though the terminology and where and how it they are configured will
certainly differ.
Does every admin use the full feature set to chanellize bounces? Pass.
But it is available, if not the 'default'.
Note, for example the Mailman 'return-path' and 'sender' on traffic to this very
list.
Bottom line:
Blocking multiple-recipient incoming to 'postmaster' (et al) should not be done
carelessly, nor in a vacuum - MLM involved or not.
But the 'single-addresee' restriction *does* reduce 'bot exploitation attempts,
and reflected backscatter - both of which are several orders of magnitude more
prevalent here than any *genuine* bounces have ever been.
YMMV, YOMD, but the pragmatic advantages seem to outwight the disadvantages by
at least 1,000 to one.