Re: Increased incidences of joe jobbing

From: Michael Tokarev (mjttls.msk.ru)
Date: Sat Jul 02 2005 - 04:52:45 CDT


Wietse Venema wrote:
> Peter Santiago:
> [ Charset ISO-8859-1 unsupported, converting... ]
>
>>Hi,
>>
>>I'd like to ask if you guys have something implemented for increased
>>joe jobbing? I have an email address that is being spoofed as sender
>>by spammers and sent to different servers, and all the bounces came
>>back to me.... I know of a drastic action that is to remove that email
>>address from the alias list so that Postfix will flat out reject the
>>bounce with "550 unknown recipient error". Aside from this, any other
>>ideas?
>
> That would be to temporarily reject bounces to the address in
> question, using the mechanisms in the RESTRICTION_CLASS_README
> document, or an external policy daemon, to stop mail from <>,
> postmaster, etc.

By the way, it'd be very useful to refuse such bounces at DATA
stage (in reply to DATA command), instead of RCPT TO stage. A lot
of sites are doing Sender Verify Callbacks (sender verification,
ala reject_unverified_sender), and if such a restriction (rejecting
bounces to an address being "joed") is in place, remote SAV (*to*
our server) fails. We already have reject_multi_recipient_bounce
available.

What do you think: what are the bad sides of having recipient information
available at DATA and end-of-data stage, *if* we only have exactly
*one* recipient?

I understand that some people will assume, without realizing what IS
multi-recipient mail, that recipient info is always available at that
stage. Is it a problem?

Thanks.

/mjt
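
The approach discussed in this message, sketched as decision logic for an external Postfix policy daemon; this is an added example, not part of the original post or of Postfix itself. It relies on the policy delegation protocol passing the `recipient` attribute in the DATA state when exactly one recipient was accepted; the address and the sample requests are constructed placeholders.

```python
# Decision logic for a Postfix SMTPD policy service (added example).
# Goal: refuse bounces to a joe-jobbed address, but only in reply to DATA,
# so remote sender-verification probes (which stop after RCPT TO) still pass.

JOE_JOBBED = {"victim@example.com"}  # constructed placeholder address


def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs


def decide(attrs):
    """Return the access(5)-style action for one request."""
    state = attrs.get("protocol_state", "")
    sender = attrs.get("sender", "")
    recipient = attrs.get("recipient", "").lower()

    # Only null-sender mail (MAIL FROM:<>) is treated as a bounce here.
    if sender != "":
        return "DUNNO"
    # At RCPT TO, stay neutral: a callback probe looks the same as a bounce
    # up to this point and must not see a rejection.
    if state != "DATA":
        return "DUNNO"
    # At DATA the recipient attribute is empty for multi-recipient mail;
    # that case is left to reject_multi_recipient_bounce.
    if recipient in JOE_JOBBED:
        return "REJECT bounces to this address are not accepted at this time"
    return "DUNNO"


def respond(text):
    """Build the reply the policy protocol expects: action line, empty line."""
    return "action=%s\n\n" % decide(parse_request(text))
```

A daemon wrapping `respond()` would be called from `smtpd_data_restrictions` via `check_policy_service`, so the decision is made in reply to the DATA command.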