OT: Sendmail REJECT or DISCARD preference

Peter Farrow peter at farrows.org
Mon Mar 31 20:30:32 IST 2008 

Glenn Steen wrote:
> On 31/03/2008, Peter Farrow <peter at farrows.org> wrote:
>   
>> Koopmann, Jan-Peter wrote:
>>  >>>  Someone sends a spoofed spam email to one of my clients the other
>>  >>>
>>  >> side
>>  >>
>>  >>>  of my mailscanner, but they get the address wrong.
>>  >>>
>>  >> Why did you accept this mail for relay in the first place?
>>  >> This is where you go wrong, all the rest is purely your own fault...
>>  >> If one were in the blame-game:-):-).
>>  >> I'm not, I'm more interrested in you getting this right, and beleive
>>  >> me... this will make a marked difference for you.
>>  >> The problem is simple: You are the public MX for these customers, but
>>  >> you don't know their "email address universe". You need setup a method
>>  >> that ensure you do.
>>  >>
>>  >
>>  > I think finally begin to understand what he is doing... Thanks Glenn.
>>  > :-)
>>  > --
>>  > MailScanner mailing list
>>  > mailscanner at lists.mailscanner.info
>>  > http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>  >
>>  > Before posting, read http://wiki.mailscanner.info/posting
>>  >
>>  > Support MailScanner development - buy the book off the website!
>>  >
>>  >
>>
>> Well, actually no I don't need to know their users list, thats the
>>  beauty of this configuration.  To add anti spam to a clients setup I
>>  simply insert my servers,  I don't need to ask them any questions other
>>  than where to send it on.   So this is a top solution, very easy for the
>>  client, and my clients love it, I can anti spam their email without even
>>  knowing or wanting know anything about their enterprise I just tell them
>>  to adjust their DNS.  Hence, I do have it very very right indeed.
>>     
> Well... There is no difference if you do this setup "correctly"
> (call-ahead), or "in-correctly" (NDR/NDN/DSN-hell with DISCARD of all
> such (more or less) as a band-aid).
> You wouldn't ask them anything different for that address verification
> either;-).
>
>   
>>  Could you imagine trying to know about all the users  on each mail
>>  domain for each client, with 1000s of clients and therefore 100,000s of
>>  users.... its all about scale and ease of implementation and thats why
>>  on this type of scale and even small ones a discard is a supremely
>>  useful solution...
>>     
> "know" and "you" are relative terms here. "Your server" need only know
> at the point where it ponders accepting a new message or not... No
> database needed (although that has it's perks too... Not workable for
> larger installs, but usable for medium->small setups).
>
>   
>>  If I wanted to implement a client user list I could always add a
>>  look/check ahead milter, but why bother this works better, and a look
>>  ahead would mean I would need to know if their mailbox holder server was
>>  behind an internet facing smarthost or not to make the check valid or not...
>>     
> It actually doesn't. Work better, that is:-). But I'm pretty certain
> I'll bnever convince you of that...;-).
> And the beuty of the call-ahead... is that you needn't care onewhit
> about smarthosts or anything. Because when that host accept the mail,
> you are out of the DSN-loop... it is their problem;-).
>
> Cheers

>>you are out of the DSN-loop... it is their problem;-).

--I'm their postmaster--- remember---  my clients don't want it to be "their problem"..

so -- yes it does work better... for me and those clients...

More information about the MailScanner mailing list