[Mimedefang] md_check_against_smtp_server and backscatter

[-]

--- On Tue, 7/28/09, Kayne Kruse <kkruse at pointone.com> wrote:
> Has anyone use the md_check_against_smtp_server to check if the
> recipients are valid and if not, discard the message so as to not cause
> back scatter?

I check recipients for validity directly in sendmail and reject at the SMTP level so a DSN will never be generated in the first place.  MimeDefang isn't a replacement for sendmail's rules, but an addition for things that can't be done in the rulesets.

With all possible checks done during the SMTP transaction, only forwarding problems will cause DSNs.  Since those DSNs will go only to senders which are not forged (because SPF and DomainKeys are checked), didn't send spam, and didn't send a virus, the DSN will never be backscatter.

DSNs sent to sending mailboxes that are NOT protected by an anti-forgery method are also NOT backscatter - because the mailbox owner, by not protecting his mailbox and thus letting anyone (including spammers) use it as a sender identity, is not receiving an unsolicited response (DSN or otherwise).