--Original Message Text---
From: Paweł Leśniak
Date: Tue, 14 Apr 2009 14:50:57 +0200
8>< snip---------
I don't like top-posting but......
Due to your message formatting it is not possible for someone to easily
see who said what in your reply. So simply for the benefit of others
who may have had a passing interest, I'll make closing comments.

All talk about RFCs in your message is irrelevant because messages from
the null sender addressed to a fictitious recipient will NEVER be
delivered anyway. RFC3834 is NOT a standard BTW, and we should hope it
never is as it contemplates things like sending virus notifications.
Echhhk!

So we tarpit <> to invalid addresses and reading the logs shows that
the probability of those messages being bounces from servers configured
by amateurs is something like .999977.

You have no idea how little load this places on our firewall. It is not
even measurable when there is a spambot storm in progress. It does not
consume any Postfix resources. It also seems that the tarpitting we do
on other spammy senders is noticed by some of them as the number of
trapped IPs at any instant is now about a quarter of what it was a year
ago.

We don't slow down our network by tarpitting. The sender gets 1 char/ 4
seconds and typically gives up after about 1500 seconds with the
settings I use.

For more info see
http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

And that's all folks! Back to lurking for me.
-----


On 2009-04-14 13:54, Rod Whitworth wrote:

Remember I did say that I was applying this to "null sender to
non-existing recipients" (who were purported to be the original
senders). We have about 60 spamtrap addresses. Most invented by
spammers.

I'd imagine somewhat better usage of spam-traps than grey-jail. And if
it's "system-wide" - read on.
Are you sure that null sender is only used in bounces?

What else?

- SAV
- Auto-replies
    (...) Since in most cases it is not appropriate to respond to
    an automatic response, and the responder is not interested in
    delivery status messages, a MAIL FROM address of <> MAY be used
    for this purpose. (...) - RFC3834
- Any type of automated notifications
    (...) In some types of reporting messages for which a reply is
    likely to cause a mail loop (for example, mail delivery and
    nondelivery notifications), the reverse-path may be null
    (see section 3.7). (...) - RFC2821

It wastes resources on all the misconfigured bounce-instead-of-reject
dummies out there and places no load on my lovely Postfix server. Heh!

Could you explain how? If you greylist those mails instead of
rejecting, you are getting additional SMTP connection(s). If you reject
them, they are discarded. What am I missing?

They are detected whilst they are in the greylist and then they are
grey-trapped (tar-pitted in other words)

IMHO: You are wasting also your resources, and you are slowing down the
network. While it's almost sure the other side will not correct
configuration, the prize is smaller than the price.
Rod/
/earth: write failed, file system is full
cp: /earth/creatures: No space left on device


Check your storage.


Check the population of /earth for yourself ................... ;-(


There's still some room ;-)
Not enough for all the irresponsible breeders.

Pawel Lesniak



*** NOTE *** Please DO NOT CC me. I <am> subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thank you.

Rod/
/earth: write failed, file system is full
cp: /earth/creatures: No space left on device
