[sf-lug] postfix config question
Rick Moen
rick at linuxmafia.com
Wed Jan 30 23:04:26 PST 2008
Quoting jim stockford (jim at well.com):
> on a Red Hat 6 box (yes, ancient, pre Red Hat 9 OS), our Postfix
> email server is sending out an "unknown user" reply to inbound
> mail from spammers who're trying xxxxx at ourjoint.DOM
>
> Unfortunately, this is generating an unacceptable amount of traffic
> back to the Speakeasy server. They suggest that when our server
> gets mail for an address for a user that doesn't exist on our host,
> our Postfix server simply doesn't generate a reply.
I'm not a Postfix MTA (Mail Transfer Agent = SMTP daemon) admin, but it
looks like you need this page:
http://www.postfix.org/BACKSCATTER_README.html
Basically, no modern MTA should ever accept mail first, and only then
determine whether the recipient is valid and whether the mail is
otherwise acceptable. That determination should be made _during_ the
inbound SMTP session, resulting in either a 200-code SMTP result
(accept) or a 550 one (reject) -- these SMTP result codes issued during
the SMTP converation with accompanying explanatory text being termed
"Delivery Status Notifications".
Doing that processing during the SMTP conversation means the MTA isn't
put in the situation of first accepting mail (during the SMTP session)
and then later finding out it's something that shouldn't have been
accepted (e.g., spam) and then having to decide whether to generate a
"bounce" message or not.
(Short version: Stop bouncing spam. 550-reject it, instead. Speakeasy
really should have suggested that rather than accepting and discarding,
which is dumb.)
More information about the sf-lug
mailing list