OT: Sendmail REJECT or DISCARD preference
Matt Kettler
mkettler at evi-inc.com
Mon Mar 31 18:53:11 IST 2008
Peter Farrow wrote:
> Matt Kettler wrote:
>> Peter Farrow wrote:
>>> Matt Kettler wrote:
>>>> Peter Farrow wrote:
>>>>
>>>>>> Steve.
>>>>> If you reject, and its spoofed you'll get it back anyway, so you
>>>>> end up receiving and then storing it in the postmaster address, it
>>>>> is always best to discard in this scenario...or even worse bouncing
>>>>> it again
>>>>>
>>>>
>>>> Stop confusing REJECT with post delivery bouncing :) See my other
>>>> post in this thread.
>>> I am talking about sendmail access file entries at the MTA level....
>>> nothing else...my point is the general notice supplied in the REJECT
>>> directive often ends up coming back round...I've seen it many times..
>>
>> That's exactly what I'm talking about. I've got several such entries,
>> and I've never seen any of them come back. ever.
>>
>> There's something seriously wrong with your mailserver if this is
>> happening.
> This is how it works:
>
> Someone sends a spoofed spam email to one of my clients the other side
> of my mailscanner, but they get the address wrong.
>
> The mailer daemon on the client server rejects the email, (I am the
> postmaster for my clients Linux server) with user unknown,
Well, duh. That's because the REJECT isn't being implemented at the MX, but a
downstream server.
In order to avoid the postmaster issue you *MUST* implement this at all of the
MXes for the domain.
Of course it will cause the problem if a downstream server does a REJECT,
because it's being REJECTED after your server accepted it.
However, this doesn't make REJECT bad, it just means the REJECT needs to be
implemented on YOUR server, not your clients.
More information about the MailScanner
mailing list