John Hardin wrote:
On Wed, 11 Feb 2009, Ned Slider wrote:
If every server used Postfix in it's default configuration then
backscatter wouldn't exist.
Question: if a relay MTA accepts a forged-sender message for another
domain, attempts to deliver it, gets an SMTP 5xx hardfail for unknown
recipient, and attempts to deliver a DSN to the (forged) sender, do you
consider that backscatter?
Yes, that's backscatter.
Good question. Firstly no MTA should be set up to act as an open relay
by default therefore any relay functions must have been specifically
configured by the mail admin. My understanding is that best practice
should always be to maintain a list of valid relay recipients for
domains you relay mail to or provide backup mx services for so you only
accept and relay mail for known recipients.
How would postfix's default configuration address that scenario?
By not being a relay by default. For that to happen someone would have
to (mis)-configure something.
