Rick Duval wrote:
> But my server gets thousands of messages to non-existent local_parts
> and some spammers send them all from some poor guys address (I know
> I've been on the victim side of that where someone is spamming and
> using my address in the from header).
Consider rejecting those on rDNS fail and/or dynamic IP RBL hit in
acl_smtp_connect.
OR give 'demerit's for each such sin, add more demerits for a HELO that
is not an FQDN match to the connected IP.
Compare the total cumulative score and kick them off the NIC.
WinZombies ordinarily fail those at close to 100%.
>
> I'm not only concerned that I'll be flooding that server with rejected
> emails but also that my server could end up blacklisted because of the
> potential flood of replies generated.
>
> Rick
>
You'll be replying to WinZombies. Not a problem.
But most of us shed those before we even need to do the recipient lookup.
Bill
> On Thu, Nov 20, 2008 at 5:44 PM, Kjetil Torgrim Homme
> <kjetilho@???> wrote:
>> On Thu, 2008-11-20 at 17:24 -0500, Rick Duval wrote:
>>> I now have a lookup that accepts emails only for addresses that are in
>>> the database.
>>>
>>> accept condition = ${lookup mysql{SELECT count(*) from addresses \
>>> WHERE active AND domain='${quote_mysql:$domain}' \
>>> AND local_part='${quote_mysql:$local_part}'}}
>>>
>>> deny
>>>
>>> It works great but I don't want to contribute to backscatter by
>>> sending denial messages back to the sender everytime an address is
>>> rejected. Right now it sends out and email like:
>>>
>>> SMTP error from remote mail server after RCPT TO:<bob@???>:
>>> host duvals.ca [74.51.38.171]: 550 5.1.1 <bob@???>:
>>> Recipient address rejected: User unknown in virtual alias table
>>>
>>> Can I turn that off and just not have it reply at all?
>> well, you can blackhole the message, but your current method is the
>> recommended way of setting it up. if someone mistypes an address, say
>> "bpb@???", you will typically want him to know about it so that he
>> can resend it using the correct address.
>>
>> you won't be contributing to backscatter unless someone forwards e-mail
>> to you -- and typoes in forwarding targets should definitely be
>> reported.
>>
>> it's a bit different if your denial is due to a SpamAssassin score or
>> something like that -- then the forwarding system may have more lax spam
>> filtering than your system, but it's the forwarding's system which will
>> be spreading backscatter. even here, it's not really your fault.
>>
>> --
>> regards, | Redpill _
>> Kjetil T. Homme | Linpro (_)
>>
>>
>> --
>> This message has been scanned for
>> viruses and dangerous content by
>> Accurate Anti-Spam Technologies
>> and is believed to be clean.
>>
>>
>
