> > That was my anti-spam measures returning the message because the
> > sender domain didn't exist.
>> DNS failures may be of temporary nature, and the prefered way to
> deal with them at MTA level is to create soft bounces. I.e. return
> a 4xx error code (typically 450), not a 5xx (550) error code. The
> sending MTA will then requeue the message and try again later, giving
> the DNS a chance to recover.
I agree, but only for 'transient' DNS errors (such as unable
to contact name server). However, if you get an authoritative
response that says "domain doesn't exist" then there is no point
in retrying. If you accidentally send a message to ilug at linus.ie,
which would you prefer:
1. an immediate bounce
2. a warning (probably 4 hours later, maybe a whole day) from
a mail server that's holding it in its queue?
And this particular case is different. It's not the dest addr
that doesn't resolve, it's the source address. I don't want
thousands of spam messages with fake sender addrs to clog up
mail queues all over the net.
> From postfix sample-smtpd.cf:
>> | # The unknown_hostname_reject_code parameter specifies the SMTP server
> | # response when a client violates the reject_unknown_hostname
> | # restriction.
> | #
> | # Do not change this unless you have a complete understanding
> of RFC 822.
> | #
> | unknown_hostname_reject_code = 450
I disagree. Of course, I haven't read 822 in a long time. Maybe
I should. Maybe it would change my mind. Maybe it won't. Maybe
that particular recommendation has been superseded by another RFC.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!