On 05-Dec-2013 12:40 am, "Viktor Dukhovni" <postfix-us...@dukhovni.org> wrote: > > On Thu, Dec 05, 2013 at 12:23:50AM +0530, Nilesh Govindrajan wrote: > > > > > What am I missing? > > > > > > Don't let your PHP applications send mail to arbitrary addresses > > > unless they are restricted to authenticated trusted users. If the > > > latter, make sure you have valid sender addresses recorded for each > > > such user, and use these rather than webform input as the sender > > > address. If a submitted message from a trusted user bounces, the > > > right user receives the bounce. > > > > > > If some of your users are spammers, solve that problem, just > > > filtering out messages to invalid recipients is not the right > > > answer. > > > > I have sufficient spam and virus protection using amavisd. That's > > not the issue. Some applications keep trying to send mail to > > addresses which keep failing and it fills the queue. Plus gets > > the server IP a bad name because of frequent failure. > > Why are the applications doing this? Sending recipient verification > probes may also be detrimental to your server's reputation. >
Probes may not be that much of a issue because it doesn't probe more than thrice a day. For one address. Presently there are 2-3 failing addresses. > > And as a hosting service provider I can't control each and every aspect. > > So chose this method. > > You're hosting PHP applications for clients that send mail? And > the ones that repeatedly send email to invalid addresses are not > spamming? > Spam in technical sense not in human sense. > You're solving the problem at the wrong layer. Route all mail from > the local submission MSA via an intermediate MTA that performs > content analysis for spam and log analysis for repeated bounces. > Postfix is already clubbed to amavisd because the server has virtual domains too. Know of some software which can be used for this purpose? > Disconnect customers that violate sender best practices or your AUP. > > Is hosting PHP apps that send bulk email worth the trouble? I > would severely rate limit mail submission from each client's hosted > site sent to any address outside a small white-list they can change > at most once a week intended to allow unlimited mail to the website > owner. Users who want to send bulk email can work with a legitimate > bulk email provider. > > -- > Viktor These aren't bulk mail. Some misconfiguration on application operator's part. Invalid addresses to which the application is supposed to send legitimate messages.
