LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] [OT] Mail query

[ILUG] [OT] Mail query

Ruairi Hickey Ruairi.Hickey at dkit.ie
Fri Feb 10 14:42:37 GMT 2006 

On Friday 10 February 2006 14:17, John Madden wrote:
> On (10/02/06 13:42), Brendan Halpin didst pronounce:
> > Is it normal practice for a mail server to
> >
> > 1: silently accept mail for a non-existent local user?
>
> This can happen if there's a catch-all in place -- essientally a mailbox
> that catches all mail to a domain that isn't caught by any other
> mailbox.
>

Bouncing mail to unknown recipients invariably ends up being sent to a 
non-existant  / forged sender which in turn bounces back again.  Exim allows 
for recipient checking at smtp time and drops the smtp connection with an 
error rather than generate a bounce.

> > 2: silently accept mail for a non-existent non-local domain?
>
> To the best of my knowledge, this shouldn't happen. If the domain
> doesn't have an MX record, then the mail server doesn't know where to
> send the mail and it should be bounced back to the sender.

Agreed, I would never configure a mail server to do this....
>
> > 3: not pass back error messages resulting from trying to relay to a
> >    non-existent domain?
>
> Any fatal errors should be sent back to the sender.
>

> > 4: not pass back other error messages (e.g. SMTP level spam checks,
> >    or no-such-user at the non-local domain)?
>
> I'm not quite sure what you mean here. If it's a fatal error, then the
> sender should be notified. If it's not then the sender isn't notified.

	I have to disagree here, sending bounces for virus notification / SPAM alerts 
either ends up as an undeliverable / further bounce or mail bombs some 
innocent parties mailbox.

	We do all our scanning at smtp time, dropping the connection with an error 
message if we detect a virus / spam / unknown recipient.

	From a security point, we drop the unknown recipients with "550 local error" 
rather than an unknown recipient to obfuscate valid addresses against 
harvesting.

	As an example of the amount of messages a virus outbreak / spam outbreak can 
generate here are our stats for a single day in January

Virus count: 441
Spam score between 5 and 15: 516
TOTAL Recipient Verification Failed (including from backup MX): 15328
Spam score over 15: 825
relay not permitted: 2
Messages Relayed: 3301

	If we had bounced all the recipient failures, viruses and SPAM  this could 
concievably have resulted in an additional 35,000 emails if the source 
addresses were also invalid (as is likely)  which would have left us with a 
return of 3,301 valid emails out of approx 50,000 total messages.


Ruairi

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell