> I'm all of a sudden starting to get a lot of bounce messages on
> accounts that I'm filtering for. It's the trick where the spammer
> co-opts either a domain name or a full address...
"Joe Job" is the common term for this.
> Do I target all bounces for deletion?
Not if you want to retain your customers.
> I'm wondering if this will create problems with my users not getting
> their bounces when servers like AOL seem to accept the message only
> to issue their own response instead of letting my server, or my
> customer's server handle the errors.
Of course it will create problems.
In another thread, you've argued (unconvincingly, to my mind, and in
the face of best practices) against having MXs reject unknown
users--and in that same thread, you seemed proud of your policy of
swallowing all misaddressed mail at the MX. You offered some
reasonable defense of that policy, but now you're escalating to the
position that no bounces whatsoever can originate from non-MX
machines? That unfortunately suggests that you haven't made an fully
educated decision in either case. In addition to rejections generated
at the MX, bounces can be generated for mailbox- and content-sensitive
reasons, unrelated to spam detection, that can only be detected on
mailbox servers. The bounces therefore may be routed through MXs,
through outgoing gateways, or directly from the mailbox servers
themselves, depending on site-specific factors.
IMO, it's in everyone's interest to reject as much as possible at the
MX, but mega-providers--and anyone running IMail as mailbox-only
behind an MX, for that matter--simply cannot reject everything at the
edge. It's absurd to stipulate that only envelope rejection at the MX
is valid.
The only arguably deceptive, though common and reasonable, "seem to
accept" scenarios are when mail is NULlified after acceptance by
anti-spam software such as Declude. Accepting mail at the MX, then
sending a notification of deeper failure, is not "seeming to accept"
anything--it's common, reasonable and RFC practice--unless *you* then
in turn NULlify the notification.
> Personally, I've had all outgoing bounce messages turned off for
> about 6 months
You mean bounces for suspected spam, or all bounces entirely? If the
latter, you're certainly doing your customers a disservice!
> It seems that between the spammers and the virus programmers, error
> reporting has been ruined,
You're concluding this based on 10 per week? :)
> In my opinion, bounces should only be sent when the MAILFROM matches
> the REVDNS domain
Well, sorry, but...your opinion does not jibe with the way SMTP has
been deployed all over the globe. See Kami's response for just one
example.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
