[Mimedefang] md_check_against_smtp_server and backscatter
pjm at ousekjarr.org
Tue Jul 28 17:51:33 EDT 2009
>> Has anyone use the md_check_against_smtp_server to check if the
>> recipients are valid and if not, discard the message so as to not
>> cause back scatter?
>Would throwing away users not valid as recipients cause more bad than good?
Yes - return a 5xx message instead, so the sender knows that the address
doesn't exist. Worst case is they ignore it and keep spamming addresses
which will never work, while the best case is they tune their lists and the
load on your server may go down. In cases where a legitimate sender has got
the address wrong, it is better to tell them than to silently drop the
message, especially as some mail clients keep a Frequent Contacts list which
will then offer to use the wrong address in future (bad addresses get dropped
from the list if a bounce is received).
I keep a running record of good/bad recipients for each sending IP, and
automatically firewall systems which have sent to more bad recipients than
good recipients if they've sent more than 10 messages. Real e-mail is
unlikely to be this bad, although the problem with idiot-proofing your system
is that idiots are very imaginative.
More information about the MIMEDefang