On Fri, Apr 15, 2005 at 10:24:47AM -0400, Steven W. Orr wrote:their mail rejected by sa. I have been adding whitelist entries like crazy but I really loathe having to disable spam rejection by spamass-milter.
Rejecting spam is not a good idea. Most of the time you end up spamming some poor sod who has been joe-jobbed. Discard spam. Don't add the to problem.
Rejecting spam is fine Neil.. It's bouncing that's bad.
Rejecting = 550 at the SMTP layer.
Bouncing = generating a post-delivery bounce.
If you reject, it goes back to the joe job victim from the abused relay. No big deal there, the victim can just block the abused relay without concerns for collateral damage. Odds are very good he's going to have to block this server anyway, as it's going to be generating thousands of undeliverable errors anyway.
If you bounce, it goes back to the victim from your server. This is tough for the victim to deal with, because there could be thousands of servers doing this. Blocking all of them is time consuming.
It's basically the difference between trying to block a DoS attack that's coming from one source, vs blocking a DDoS attack coming from many. DoS is easy to deal with, DDoS, not so easy.
