Date: Wed, 28 May 2003 23:24:10 -0600 From: Len Conrad <LConrad@Go2France.com> To: freebsd-questions@freebsd.org Subject: Re: Spammers forged my address - help unbury me from bounces? Message-ID: <5.2.0.9.2.20030528230925.045f2fb8@mail.go2france.com> In-Reply-To: <87el2ixt2v.fsf@pooh.honeypot.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>Is this possible? Please save me from being pushed over the line, buying a >paintball gun, and going hunting. You're lucky if you can identify a set of senders, rather than random alphabet soup senders. You've identified the problem of dropping the mail only after receiving it. This is the dumbest defense, since it allows the abusers to steal your resources. So the best solution is to have the SMTPD process of the MX (desirably a machine in front of your mailbox server) to reject at the envelope, ie, after the RCTP TO: command and before the DATA command. In postfix, you would have a to_recipients_black.map ACL file that the SMTPD process used to reject: erin@honeypot.net 554 ACL unknown recipient micelle@honeypot.net 554 ACL unknown recipient This keeps the costs to you in bandwidth and in MX resources to barest minimum. Postfix has another feature called reject_unverified_recipient that will probe the next-hop (your mailbox server) to see if the recipient is accepted there before actually the inbound msg. This avoids building the to_recipients_black.map. the reject_unverified_recipient feature maintains its own equivalent file to cache positive and negative answers to the recipient probes. Len _____________________________________________________________________ http://MenAndMice.com/DNS-training: Denver; New York; Seattle IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.2.0.9.2.20030528230925.045f2fb8>