[ILUG] [OT] Mail query

Ruairi Hickey Ruairi.Hickey at dkit.ie
Fri Feb 10 15:20:35 GMT 2006 

On Friday 10 February 2006 14:17, John Madden wrote:
> On (10/02/06 13:42), Brendan Halpin didst pronounce:
> > Is it normal practice for a mail server to
> >
> > 1: silently accept mail for a non-existent local user?
>
> This can happen if there's a catch-all in place -- essientally a mailbox
> that catches all mail to a domain that isn't caught by any other
> mailbox.
>

Bouncing mail to unknown recipients invariably ends up being sent to a 
non-existant  / forged sender which in turn bounces back again.  Exim allows 
for recipient checking at smtp time and drops the smtp connection with an 
error rather than generate a bounce.

> > 2: silently accept mail for a non-existent non-local domain?
>
> To the best of my knowledge, this shouldn't happen. If the domain
> doesn't have an MX record, then the mail server doesn't know where to
> send the mail and it should be bounced back to the sender.

Agreed, I would never configure a mail server to do this....
>
> > 3: not pass back error messages resulting from trying to relay to a
> >    non-existent domain?
>
> Any fatal errors should be sent back to the sender.
>

> > 4: not pass back other error messages (e.g. SMTP level spam checks,
> >    or no-such-user at the non-local domain)?
>
> I'm not quite sure what you mean here. If it's a fatal error, then the
> sender should be notified. If it's not then the sender isn't notified.

	I have to disagree here, sending bounces for virus notification / SPAM alerts 
either ends up as an undeliverable / further bounce or mail bombs some 
innocent parties mailbox.

	We do all our scanning at smtp time, dropping the connection with an error 
message if we detect a virus / spam / unknown recipient.

	From a security point, we drop the unknown recipients with "550 local error" 
rather than an unknown recipient to obfuscate valid addresses against 
harvesting.

	As an example of the amount of messages a virus outbreak / spam outbreak can 
generate here are our stats for a single day in January

Virus count: 441
Spam score between 5 and 15: 516
TOTAL Recipient Verification Failed (including from backup MX): 15328
Spam score over 15: 825
relay not permitted: 2
Messages Relayed: 3301

	If we had bounced all the recipient failures, viruses and SPAM  this could 
concievably have resulted in an additional 35,000 emails if the source 
addresses were also invalid (as is likely)  which would have left us with a 
return of 3,301 valid emails out of approx 50,000 total messages.


Ruairi

More information about the ILUG mailing list