Re: [exim] Exim 4.72: preventing backscatter

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Klaus Ethgen
Datum:  
To: exim-users
Betreff: Re: [exim] Exim 4.72: preventing backscatter
Hi Konstantin,

Am Do den 28. Aug 2014 um 0:55 schrieb Konstantin Boyandin:
> >> 2. Create 'catchall' router, intercepting all unrouteable addresses (I
> >> think this is better solution).
> >
> > Don't. One type of spammer tries random names at your domain and logs
> > for later use (and sale to other spammers) as "verified" any tha
> > result in an accepted mail.
>
> Our (company using Exim installation I talk about) policy is to accept
> mail even from those hosts that do not implement SPF/DKIM/whatever else,
> even in cases when mail is sent from an IP not verified by SPF and so on
> - we have too many legitimate mail that doesn't pass those checks.


Thats OK, But it is a difference to accept mails to existing local
accounts but with broken SPF/DKIM stuff (what addresses the sender side)
and having a catchall router that accepts all mails independent if the
address exists locally or not. The first might be ok (I myself would not
receive such mails but that is my opinion) the later is a absolute no
go.

> So currently I have 500 to 1000 of backscatter mail sitting in mail
> queue, since it can't be delivered to forged sender of spam sent to
> non-existing local addresses. Are there efficient ideas to reduce that
> number?


So all that mails you accepted while you did not have a local user for
that addresses? In that case you have to check if it is legally possible
in your region to just drop the mails.

Don't, never ever, accept mails to not existing users and don't accept
mails to existing users where you want to prevent them from receiving it
for any policy reason (like spamchecking or virus checking). If you take
the mails you are legally responsible to deliver them; independent if
you are able or not.

Something different is outgoing mails you received locally _from_ your
users.

Regards
   Klaus
- -- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C