Vicious Circle
Dave Goodrich
ldg at TLS.NET
Mon Mar 7 14:51:02 GMT 2005
Steen, Glenn wrote:
>>-----Original Message-----
>>From: MailScanner mailing list
>>[mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Martin Hepworth
>>Sent: den 7 mars 2005 14:42
>>To: MAILSCANNER at JISCMAIL.AC.UK
>>Subject: Re: Vicious Circle
>>
>>
>>Dave Goodrich wrote:
>>
>>>Steen, Glenn wrote:
>>>
>>>
>>>>>-----Original Message-----
>>>>>From: MailScanner mailing list
>>>>>[mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Dave Goodrich
>>>>>Sent: den 5 mars 2005 18:10
>>>>>To: MAILSCANNER at JISCMAIL.AC.UK
>>>>>Subject: Vicious Circle
>>>>>
>>>>
>>>>(snip)
>>>>
>>>>
>>>>>I am at a loss, the root of the issue is I have 100k
>>
>>messages a day,
>>
>>>>>some just *might* be legitimate address misspellings, I
>>
>>can't drop all
>>
>>>>>bounces. But the vast majority are trash.
>>>>
>>>>
>>>>
>>>>I think you have a "fault" in your reasoning here. The
>>
>>responsibility
>>
>>>>(and thus requirement to produce bounces) for a message is
>>
>>not yours
>>
>>>>until after you've accepted the message. So if you do, as
>>
>>many here have
>>
>>>>already recommended, reject (with a 550) any unknown
>>
>>recipients/domains,
>>
>>>>then the resposibility to generate a NDN/NDR would still
>>
>>be _the sending
>>
>>>>MTAs problem, not yours_.
>>>
>>>
>>>Ahh, I understand now, but if I reject with a 550, won't
>>
>>that cause my
>>
>>>MailScanner box to then generate the bounce back to the
>>
>>original server?
>>
>>>Foreign Server -> TLS-MailScanner -> TLS-Toaster
>>>
>>>How are others Using MailScanner in front of pop toasters
>>
>>handling this
>>
>>>issue? It is looking as if moving the "User Check" to the
>>
>>MailScanner
>>
>>>machine _is_ my one good option.
>>>
>>>Thanks,
>>>
>>>DAve
>>>
>>
>>Dave
>>
>>not if you 550 reject on the inbound MTA. It never goes anywhere near
>>MS, it simply drops the inbound connection with a "550 no
>>such address".
>>
>>Any mistyped email address from a real user will get that message, ie
>>they get a proper bounce message from their MTA.
>>
>>Any spam attempts from automated/trojaned machines will just ignore it
>>and carry on to the next victim.
>
> Thanks Martin. Good, clear explanation.
>
> Adressing your question about "How to protect pop toasters"... Well,
> this is pretty much the same as protecting your M-Sexchange or Lotus
> or ... any-mail ... setup. And dropping false adresses at the MTA level
> on the ailScanner side is exactly what most do.
>
> Have a fun time with the FAQ (this has been covered extensively on the
> list to, so you might look through the archives), and setting things up.
>
> Someone please correct me if I'm wrong, but you should be pretty
> close...
> If I understand you correctly, you already reject unknown addresses on
> the toasters, so then you'd just need milter-ahead on the MS boxes.
> ... Or roll your own solution:-).
>
> -- Glenn
>
>
Thanks everyone, lots of good info.
DAve
--
Dave Goodrich
Systems Administrator
http://www.tls.net
Get rid of Unwanted Emails...get TLS Spam Blocker!
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list