[nSLUG] Whither to bounce unknown recipient address?

D G Teed donald.teed at gmail.com
Thu Aug 30 15:33:39 ADT 2007


The DNS checks are reliable.  My DNS server has as much
chance of breaking as postfix, and it uses a local machine
server, so it is all in one boat.  Anyway, given what I saw
today coming from bot nets in Korea, Turkey and Russia, I suspect
DNS rejects are just another back scatter method.

I think the best solution will be to change the bounce template
so that minimal content goes back.

--Donald

On 8/30/07, Ian Campbell <ian at slu.ms> wrote:
> On Thu, Aug 30, 2007 at 03:14:32PM -0300, D G Teed wrote:
> > Thanks for the tips.  We've got amavisd+SA , RBL+,
> > clamav, reject from reverse DNS failure and
> > many more configurations to defeat spammers.
> > SPF and DKIM are on my to do list.
>
> Be careful with permanent rejections based on DNS checks. If your DNS
> breaks, you might be losing mail if your DNS breaks.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFG1woj61BeoG+rnd4RAtyvAJ9gFmaiNO4s+M0m1m4iPug2QrhZGQCgif7Y
> pnbYgEPxJYAic228tXk0420=
> =Z9FI
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
>
>



More information about the nSLUG mailing list