[Mimedefang] bounces and queues

[Jeremy Mates]

* Rick Robino <rrobino at wavedivision.com>
> Spammers are actively employing this, and that means that we're
> talking about alot of queued up bounces that are not going anywhere -
> keep in mind that sendmail's default is (IIRC) four days.  If your
> mqueue and clientmqueue and MIMEDefang area are all on one slice, like
> mine, this can become a problem.  Is anyone else seeing this?

Yes; this may be the reason _FFR_QUEUERETURN_DSN was added to sendmail
8.12.9 that in theory allows faster timeouts on delivery status
notifications.  Another option would be to note problematic domains by
looking at the logs, and handling mail for such differently with the
queuegroup feature; cf/README and op.ps talk more about queue groups.

> The real solution would be to implement a more intelligent and easily
> configurable queueing algorithm, where state would be kept about hosts
> who reject email and their reasons.  In my experience, most
> legitimately down hosts will at least return a DSN indicating a
> problem.

Some spammers appear to accept the dialog, but reject the bounce with a
random error about this or that.  Folks unhappy about mail being forged
for their domain may also bounce with a similar random error, which may
make tests tricker.  And then there's the misconfigured ancient MTA
running on the campus payroll system that might need exclusion from
such checks...

Another thing to look for is the spammers who forge their MX records to
point at a 127/8 or similar non-routable IP address, and possibly reject
mail from such domains in advance.