OT: Sendmail REJECT or DISCARD preference

Peter Farrow peter at farrows.org
Mon Mar 31 19:13:59 IST 2008


Matt Kettler wrote:
> Peter Farrow wrote:
>> Matt Kettler wrote:
>>> Peter Farrow wrote:
>>>> Matt Kettler wrote:
>>>>> Peter Farrow wrote:
>>>>>
>>>>>>> Steve.
>>>>>> If you reject,  and its spoofed you'll get it back anyway, so you 
>>>>>> end up receiving and then storing it in the postmaster address, 
>>>>>> it is always best to discard in this scenario...or even worse 
>>>>>> bouncing it again
>>>>>>
>>>>>
>>>>> Stop confusing REJECT with post delivery bouncing :) See my other 
>>>>> post in this thread.
>>>> I am talking about sendmail access file entries at the MTA 
>>>> level.... nothing else...my point is the general notice supplied in 
>>>> the REJECT directive often ends up coming back round...I've seen it 
>>>> many times..
>>>
>>> That's exactly what I'm talking about. I've got several such 
>>> entries, and I've never seen any of them come back. ever.
>>>
>>> There's something seriously wrong with your mailserver if this is 
>>> happening.
>> This is how it works:
>>
>> Someone sends a spoofed spam email to one of my clients the other 
>> side of my mailscanner, but they get the address wrong.
>>
>> The mailer daemon on the client server rejects the email, (I am the 
>> postmaster for my clients Linux server) with user unknown,
>
>
> Well, duh. That's because the REJECT isn't being implemented at the 
> MX, but a downstream server.
>
> In order to avoid the postmaster issue you *MUST* implement this at 
> all of the MXes for the domain.
>
> Of course it will cause the problem if a downstream server does a 
> REJECT, because it's being REJECTED after your server accepted it.
>
> However, this doesn't make REJECT bad, it just means the REJECT needs 
> to be implemented on YOUR server, not your clients.
>
>
>
>
>
So *duh* no config error then.....

And thus having a valid postmaster address makes the final machine RFC 
compliant,  which means that you won't end up on blacklists like 
RFC-ignorant...

As I was saying in this scenario a discard is far superior, because, as 
I am paid to do I keep the rubbish from even reaching the client as I 
said in the first place, and, as I have 100's of client servers after my 
cluster of mailscanners its not feasible nor what the clients what to be 
configured the same as everyone else.

So, in short DISCARD it is then.

Glad you got there in the end...  :-P

P.






More information about the MailScanner mailing list