Re: [exim] Unwanted bounce messages generated locally

Top Page
Delete this message
Reply to this message
Author: Graeme Fowler
Date:  
To: exim-users
Subject: Re: [exim] Unwanted bounce messages generated locally
Hi

On Thu, 2008-02-21 at 12:55 +0100, Yves Goergen wrote:
> 1) When a message comes in for a mailbox that doesn't exist (unknown
> user), the message doesn't seem to be rejected at first instance but a
> bounce mail is generated that cannot be delivered and ends up frozen in
> the queue. How can this be changed so that unknown users
> (postmaster@some-local-domain) can be rejected at the first place?


I hope the list will excuse my slightly flippant, not-entirely-serious
but accurate nonetheless reply (see earlier thread about TLS and
callouts for why):

Ta-da! http://wiki.exim.org/FAQ/Policy_controls/Q0744

...noting that you should *always* accept postmaster@???
(it's an RFC mandate).

> 2) When a mail forward is set up, the incoming mail seems to be stored
> and confirmed to the sender, then forwarded to the destination. When
> this destination host rejects the message due to spam, my server wants
> to generate a bounce mail notifying about the delivery error. Again,
> this bounce mail ends up frozen in my queue.


There are a couple of things to note here:

1. You sent the message to the remote MTA, which rejected it, so you
have to deal with the error. If you're not applying strict enough policy
checks on inbound mail (for example, does the remote domain exist?) then
the frozen messages are something you'll have to live with. You can tune
the time they remain on the queue - see the docs.

> I can well imagine that some of the bounced messages are successfully
> delivered to their destination, in case of valid forged sender
> addresses. I don't want my mail server to be responsible for any
> backscatter.


For a forwarding service, you can't really help it. If you know (or have
an idea) of the methods used by the remote systems you're forwarding to,
adopt them. If you can't, be stricter in what you accept.

> I have configured my own spam filter (SA) so that it can scan the
> message during the first-place SMTP session and reject spam without
> first confirming it and later trying to send back a bounce message. But
> why does exim still use bounces in the two cases mentioned above?


It does so because in the first instance you're not verifying the
recipient at SMTP time, and in the second instance because you're
applying different rules to the remote systems.

There's a million and one ways to reduce the acceptance of junk. You can
use a multi-line banner and "greet-pause" for one thing, which will rid
you of a significant amount of rubbish. You can add extra pauses
throughout the transaction, which will rid you of some more. Turn off
pipelining - several bits of malware just spew the whole conversation
through in one go, so you'll get shot of them.

That's just a few ways. Search the archives and/or the FAQ and docs for
more.

Graeme