On Fri, Nov 14, 2008 at 3:42 AM, mouss <[EMAIL PROTECTED]> wrote:
> D G Teed wrote:
>
>> I don't think we "send" NDRs as emails originating here.
>> I think we reject emails. Maybe you can tell me.
>>
>> I test emailed a bogus address at work from home. My home ISP's
>> SMTP server sent back a NDR, not my work's MX server.
>> Inside the NDR from my home ISP's SMTP,
>> I see reference to the name of one of the workplace MX servers,
>> but the Reporting-MTA is that of the home ISP, not work's MX.
>>
>>
> That's still backscatter even if it is your ISP that generates it. if you
> ISP can't get the list of valid email addresses, it is better not to use it
> as an MX (and use your server instead). some providers now discard such mail
> (do not generate NDRs) because of backscatter. not ideal, but backscatter is
> a real problem (you know that when you get hit by a backscatter storm).
>
I'm afraid this is misunderstood, or I didn't explain it carefully enough.
The ISP sending the bounce notification is my home ISP, not
the ISP for my work. At home I run a small postfix
which relays all outbound to my home's Cable ISP's SMTP.
The Cable ISP's SMTP attempts delivery to one of
the MX servers at work. The user doesn't exist, so the
Cable ISP must send a NDR to the sender - my home
email account.
If my email client at home used the Cable ISP's SMTP
then I could see how it would reject rather than bounce,
but because there is a relay early in the hops, that does not
happen.
I'm sure spammers can make the same thing happen.
I will include the bounce notification to make it
clear. myworkdomain.ca is the domain at work,
mypersonaldomain.ca is where I'm sending the email
from, and myhomecableisp is the Cable company ISP
for home. The test is sending an email to an
non-existant addres at work, from home.
=========================================
>From [EMAIL PROTECTED] Thu Nov 13 15:08:33 2008
Date: Thu, 13 Nov 2008 15:08:23 -0400 (AST)
From: Internet Mail Delivery <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Delivery Notification: Delivery has failed
This report relates to a message you sent with the following header fields:
Message-id: <[EMAIL PROTECTED]>
Date: Thu, 13 Nov 2008 15:08:18 -0400 (AST)
From: D Teed <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: test
Your message cannot be delivered to the following recipients:
Recipient address: [EMAIL PROTECTED]
Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 5.1.1 <[EMAIL PROTECTED]>: Recipient
address rejected: User unknown in virtual alias table
Remote system: dns;mx1.myworkdomain.ca (TCP|10.10.10.82|24168|
131.162.201.19|25)
[ Part 2: "Delivery Status" ]
Reporting-MTA: dns;mta02.myhomecableisp.ca (tcp-daemon)
Original-recipient:
rfc822;[EMAIL PROTECTED]<[EMAIL PROTECTED]>
Final-recipient:
rfc822;[EMAIL PROTECTED]<[EMAIL PROTECTED]>
Action: failed
Status: 5.1.1 (Remote SMTP server has rejected address)
Remote-MTA: dns;mx1.myworkdomain.ca (TCP|10.10.10.82
|24168|555.555.201.19|25)
Diagnostic-code: smtp;550 5.1.1 <[EMAIL PROTECTED]>: Recipient
address
rejected: User unknown in virtual alias table
[ Part 3: "Included Message" ]
Date: Thu, 13 Nov 2008 15:08:18 -0400 (AST)
From: D G Teed <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: test
=========================================
I hope this detail will help in determining if there is room
for improvement.
In the meantime I will see if relay_recipient_maps
and relay_domains can be made to work on a dev box.
I have also learned there was at least
one message we did send out as a bounce from our MX
(related to the single spamcop report I had).
It was during a maintenance cycle where old accounts
were deleted from a mailbox server. There would have
been a gap of a few minutes between that and our
virtual table being updated, and in that time postfix
didn't have an accurate list in virtual map.
--Donald
