Spammers forged my address - help unbury me from bounces?
Len Conrad
LConrad at Go2France.com
Wed May 28 22:24:20 PDT 2003
>Is this possible? Please save me from being pushed over the line, buying a
>paintball gun, and going hunting.
You're lucky if you can identify a set of senders, rather than random
alphabet soup senders.
You've identified the problem of dropping the mail only after receiving
it. This is the dumbest defense, since it allows the abusers to steal your
resources.
So the best solution is to have the SMTPD process of the MX (desirably a
machine in front of your mailbox server) to reject at the envelope, ie,
after the RCTP TO: command and before the DATA command.
In postfix, you would have a to_recipients_black.map ACL file that the
SMTPD process used to reject:
erin at honeypot.net 554 ACL unknown recipient
micelle at honeypot.net 554 ACL unknown recipient
This keeps the costs to you in bandwidth and in MX resources to barest minimum.
Postfix has another feature called reject_unverified_recipient that will
probe the next-hop (your mailbox server) to see if the recipient is
accepted there before actually the inbound msg. This avoids building the
to_recipients_black.map. the reject_unverified_recipient feature maintains
its own equivalent file to cache positive and negative answers to the
recipient probes.
Len
_____________________________________________________________________
http://MenAndMice.com/DNS-training: Denver; New York; Seattle
IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free
More information about the freebsd-questions
mailing list