Author: Oliver von Bueren Date: To: exim-users Subject: Re: [exim] noreplys...
John Doe wrote: > I am trying to handle our noreply emails a little bit more properly.
> We do send the classic "Something new... check your account" emails coming from noreply@???
> So far, I used a simple: "noreply: :fail: This account is not valid, use the website mail" in the /etc/aliases
> It seem to work, but it is not very aesthetic. I would like the response to be clean (multiple lines of text, etc...).
> So, is there a better way to handle noreplys from within exim.conf?
>
> You ask about how to handle an email address like noreply@???.
First of all, if you ever use this email address in any form, say as the
origin, esp. envelope from, for mails you send out from your web page,
mailing list or something like that, it's a bad idea to :fail: that
address. This basically means, this address does not exist. This is the
best way to prevent communication with any domain that does callback
verification of the sender address with the assumption that, if the
sender address is not valid, it is junk and therefore it's not worth to
accept it.
It's enough that many websites send out mail without a valid sender
because of incompetence (senders like www-data@???, no
MX and no SMTP on that host), so you should not intentionally do.
Put that aside and assume you change it to :blackhole: the message is
silently discarded without any further info. Which is exactly, what one
should except from an address like noreply@.
Further on, with a :fail: you will never get a "nice" replay for a user
sending a message to that address, as it will always be wrapped in the
error message generated by the sending MTA. The sending MTA, because
your does generate a 550 response at SMTP time. The readability, from an
end user perspective, is never great, and does not improve if you
provide more text.
If you like to send out a pretty message to the user, you could consider
an autoreply on that address. That way you can send out pretty messages.
BUT that has some drawbacks as well, as you will send out a message to
the sender of every incoming one. This can be abused as well, especially
if you include the original message. Imagine a spammer sending a few
thousand message to this address, each time with a different forged
sender. That's a good way to end up in blacklists.