Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 20 Dec 2006 15:38:00 +0700 (WIT)
From:      Beastie MRA <>
To:        Matthew Seaman <>
Subject:   Re: undeliverable mail
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Dec 20, 2006 02:00 PM, Matthew Seaman
<> wrote:

>Beastie MRA wrote:
>>On Dec 20, 2006 10:31 AM, Bill Vermillion <> wrote:
>>>It's Wed, Dec 20, 2006 at 09:26 . I'm in a small dim room with
>>>doors labeled "Dungeon" and "Forbidden". There is noise, the door
>>>marked Dungeon flies open and Beastie MRA SHOUTS:
>>>>Dear All.
>>>>For past few days, my MX receive thousand of undeliverable message
>>>>destinated for my non existent user at my domain.
>>>>This message source come from valid and well configured (almost)
>>>>server on internet.
>>>>I'ts waste my internet b/w, cause my MX will reject with non
>>>>user message.
>>>>I'll try spamd on my firewall and greylist on my MX (postfix), but
>>>>no effective, and i cannot block undeliverable
>>>>message as RFC rules
>>>>Is there any way i can fix this ?
>>>>Please help
>>>I use the virtusertable in sendmail, and I have my valid addresses,
>>>such as bv and then for after that is
>>>a line of nouser.
>>>And nouser is defined in aliases as nouser: /dev/null
>>>On one of the mail servers I maintain I just checked and I
>>>had 260,000+ messages routed to "*file*" in the maillog - which
>>>shows up as mailer=*file* in the logs. That maillog rotates
>>>every night at midnight.
>>>Is not really a freebsd-net problem so I removed that from the
>>>reply to line.
>>>Bill Vermillion - bv @ wjv . com
>>Thanks for response...
>>but this virtusertable will not stop SMTP server in internet to keep
>>send you undeliverable message.
>>I assume someone doing nasty with forged and use my domain email to
>>his spam message to non existing user.
>>and i got undeliverable message.
>>Is there any clue ??
>>Oh.. i forget to mention i use 4.11-STABLE for my MX
>Hmmm... SPF records are a good tool against this sort of thing.
>Perhaps if you change from:
> "v=spf1 mx "
> "v=spf1 mx -all"
>That means that SPF compliant mail servers should refuse to accept
>messages (ie. a hard fail) from any machine other than the MXes for
> See for the full
>story on SPF records.
>It's not a 100% solution and it will take the spammers some time to
>realise that forging your address in their e-mails is much less
>effective. On the positive side, it will mean that many mailservers
>reject the incoming spam during the SMTP dialog so you'll get fewer
>bounce messages.
>This problem exposes an architectural flaw in many e-mail server
>setups. Either all of the MXes for a domain have to be able to verify
>addresses on incoming e-mails and reject any non-existent destinations
>during the SMTP dialog, or (like Bill does above) once a message has
>been accepted by any of the mail servers for your domain, it should
>never be bounced back to the (probably forged) mail address in the
>headers because the recipient doesn't exist. Bouncing for other
>(like eg. mailbox over quota) does not generally add to the overall
>load. Normally a very simple site with just one server will get that
>but a more complex site with several MXes and various SMTP routers etc.
>internally will frequently not.
>Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
>Flat 3
>PGP: Ramsgate
>Kent, CT11 9PW


i have problem with SPF record in dns , because i have serveral mobile
users and off site users
that use SMTP provide by internet provider. and i cant list it one by
one in spf record. :(


Want to link to this message? Use this URL: <>