On Tue, Jul 25, 2017 at 07:49:32PM -0400, Kevin A. McGrail wrote:
> On 7/25/2017 7:42 PM, /dev/rob0 wrote:
>> On Tue, Jul 25, 2017 at 07:07:18PM -0400, Kevin A. McGrail wrote:
>>> Unfortunately, you might need logic to accept and silently
>>> discard. We do this, for example, with viruses to avoid blowback.
>> Oh, I disagree. The best thing to do is to reject anything you're
>> unwilling/unable to deliver. You're not causing any bounces; if a
>> connecting client does generate a bounce for your rejection that
>> is THEIR problem; or in the case of a human sender, that is the
>> way to avoid mail loss.
>
> We can debate RFCs all day

I am not talking about RFCs; I am talking about responsible mail
handling.

> but the reality is that we are dealing
> with people not following the RFCs like spambots.

A direct-to-MX zombie, the likes of which comprise the vast majority
of our postscreen connections, is not going to cause anyone any
blowback. The only harm in reject vs. accept/discard is for your
Internet connection provider, because they can't bill you for
exceeding your bandwidth allowance. :)

Real MTAs relaying for a zombie most certainly should be rejected;
perhaps it's the only way the admin can find out about, and fix, the
problem.

> They will just retry and if you do any type of queue and check,
> then you can cause backscatter, etc.

I certainly was not talking about accept-then-bounce, nor was the OP,
unless I misunderstood the post. The previous $Subject would tend to
indicate it was about rejection, not bounces.

> My advice remains the same if you have mail you are giving a 5xx
> that is retrying. Giving it a 5xx is the correct answer.

Okay, we are good up to that point.

> If that doesn't work, you will find you need to 2xx it and
> silently discard.

Fortunately that advice, with which I disagree, is difficult to
implement in Postfix. It's in fact not possible, without a policy
service external to Postfix.

> As mentioned, we do this for viruses in particular to rid the
> world of them.

Thanks, but I don't think it is working. :)

> I'm sure it breaks an RFC in letter but not in spirit as it's my
> job to avoid viruses getting through and sometimes they are looking
> for blowback messages to carry the payload.

I am curious, what kind of logic do you have to determine that a
spamming client might be a backscatterer? Are you talking about a
custom policy service, or a milter?
-- 
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: