Tuc at T-B-O-H.NET wrote:
There are "considerations" in doing this. Right now,
all my systems are set up running sendmail, and all with the
config of :
define(`confCOPY_ERRORS_TO',`Postmaster')
As such, true to its name, anytime there is an error, the
postmaster gets a copy. 120K copies of
[snip]
... eww. <g>
isn't acceptable. Yes, I could take out the COPY_ERRORS_TO,
but we also run alot of things that are piped to programs, and we
usually don't see the errors unless that is set.
... O_o Like what? I'm sure there are better ways to receive these
other messages without relying on something of a hack to get them. I'd
never enable that on any production system I maintain; the
(legitimate!) mail volume alone would generate far more error messages
that I really don't need to know about than would be worth wading
through. (Do you *really* want to get copies of every postmaster
response to a legitimate user's mistyped outbound mail?)
For instance, systems here have one of our NOC staff aliases set as the
cron mailto; in the event of a cronjob failure, off goes the mail to
the people who can deal with it. Many tasks send email to a specific
person or alias; and if mail falls apart completely we have the
capability to send to pagers or SMS cell phones.
Even if I did that, though, the next thing I run into is
MX's. The MX blindly accepts the mail.
Push a user list out to the MX. Seriously. Blind relays like that are,
um, nasty. Mail forwarding is slightly less nasty (you usually only
have *one* destination address instead of any destination attracting
spam). I've been there; on a legacy system here I stopped relaying
mail for domains I don't have a user list for some time ago - the
limited benefit it offered in getting mail to the customer faster wasn't
worth the glop in the queue, the postmaster mess, or the hardware and
staff-time cost. (Now to convince head office... <g>)
If you can't cut down the volume on the front-line MX, you *will* have
to spend CPU and/or disk, somewhere, to deal with the mess. Feeding it
to /dev/null as you've been doing is probably about as cheap as you can get.
And as others have noted, it's a tainted feed as a "spamtrap"; you'd
still have to postprocess it to some degree to make it useful anyway.
-kgd
