Hi there,

On Wed, 24 Feb 2021, Joe Acquisto-j4 wrote:

> I tend to agree with the "NO" votes. But, in the postfix "FILTER_README" the author(s) suggest it is not a great idea, these days, to send the email back to the sender, as the sender is very likely to be "spoofed".

You need to understand the 'SMTP conversation', and the difference between a REJECT issued during that conversation and what many people call a 'bounce' which takes place after it's over. This is important for anyone using electronic mail seriously.

The SMTP conversation takes place between a client (the one trying to send the mail) and a server (the one that acts for the recipient to whom the client is trying to send the mail). One of them will usually be an MTA, like Sendmail or Postfix, but the other one EITHER might be your 'mail client' - which is a different usage of the word 'client' - like Thunderbird or (Heaven help us) Outlook, OR might be some server which is acting on the sender's behalf through some arrangement they have (like those accursed free Hotmail accounts).

The object of the conversation is for the client to hand the message to the server and the server then to acknowledge responsibility for it. There can be a long chain of servers, each acting as a server when it takes mail from the client which is one hop along the chain nearer the originator, and as a client when it sends mail on to the next server.

At some point the client says to the server "I want to send this" and the server can respond "no thanks, go away". That means the mail was not accepted by the server. It was a REJECT. In that case the client usually gets back to the original sender (whoever it was) and says the equivalent of "Sorry, no can do". The original sender is NOT the mail address in the "From:" header in the message itself. We might never know who it was. It's the job of the client to handle that, and some of them don't even bother with it - especially if the client (or *its* client) is a bot in a botnet sending billions of spam messages daily.

Now if the server instead ACCEPTs the message and then you try to send a message back to the address given in the "From:" header, you have a problem. The problem being that more than 90% of "From:" addresses are forged and you've no idea if the sender really has the address given in the "From:" header. That's the hopelessly insecure way it was designed in the 1970s when we trusted everyone and nobody ever heard of malware. So don't do that, it's called "backscatter spam", and, by doing it, you just became part of the problem. And it's a BIG problem, it costs the collective legitimate users on the planet billions of dollars annually.

> For now I will settle on a cron job script that peeks at the hold queue every so often and alerts someone (me) with an alert. I would have thought there was some mechanism already built in to the milter, or postfix, to do that (optionally), but I've not stumbled on one thus far.

It's not the job of either a milter or of Postfix to do all that. It's your job, because only you can know the circumstances (including the possible ramifications of a message getting lost, which range from "nobody cares" to "all hell breaks loose in the HR department, people get fired, people die, companies go bankrupt..."). This has probably drifted as far OT for this list as it should go. Welcome to the delights of running your own mail server. I've been doing it for over a quarter of a century, and I wouldn't have it any other way, but it ain't all roses. Perhaps you could share with us why you feel the need to do it?

--
73,
Ged.
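
The cron check mentioned in the quoted message, as an added example that is not part of the original thread: it lists messages sitting in the Postfix hold queue and prints a report for the administrator, so cron's own mail (MAILTO) carries the alert and nothing is sent back to the message's sender. It assumes Postfix 3.1 or later, where `postqueue -j` prints one JSON record per queued message; the function names, the 10-minute threshold and the sample records are constructed for illustration.

```python
#!/usr/bin/env python3
"""Report messages sitting in the Postfix hold queue (meant to run from cron)."""
import json
import subprocess
import time

MIN_AGE_SECONDS = 600  # assumption: ignore messages held for under 10 minutes

# Constructed sample of `postqueue -j` output (one JSON object per line).
SAMPLE = "\n".join([
    '{"queue_name": "hold", "queue_id": "AAA111", "arrival_time": 1000,'
    ' "sender": "a@example.org", "recipients": [{"address": "hr@example.com"}]}',
    '{"queue_name": "deferred", "queue_id": "BBB222", "arrival_time": 900,'
    ' "sender": "b@example.org", "recipients": [{"address": "it@example.com"}]}',
    '{"queue_name": "hold", "queue_id": "CCC333", "arrival_time": 1900,'
    ' "sender": "", "recipients": [{"address": "hr@example.com"}]}',
])


def held_messages(postqueue_json, now, min_age=MIN_AGE_SECONDS):
    """Return hold-queue records that have been waiting at least min_age seconds."""
    held = []
    for line in postqueue_json.splitlines():
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank line or anything that is not a queue record
        if entry.get("queue_name") != "hold":
            continue
        if now - entry.get("arrival_time", now) >= min_age:
            held.append(entry)
    return held


def format_report(entries, now):
    """One line per held message: queue id, age, envelope sender, recipients."""
    lines = []
    for e in entries:
        rcpts = ", ".join(r.get("address", "?") for r in e.get("recipients", []))
        age_min = int((now - e.get("arrival_time", now)) // 60)
        lines.append(f"{e.get('queue_id', '?')} held {age_min} min, "
                     f"envelope sender <{e.get('sender', '')}>, to {rcpts}")
    return "\n".join(lines)


if __name__ == "__main__":
    out = subprocess.run(["postqueue", "-j"], capture_output=True,
                         text=True, check=True).stdout
    now = time.time()
    entries = held_messages(out, now)
    if entries:  # cron mails any output to MAILTO, i.e. the administrator
        print(format_report(entries, now))
```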