From: Dietmar Rieder on 15 Feb 2010 07:26

On 02/15/2010 12:04 PM, Loki Harfagr wrote:
> Mon, 15 Feb 2010 10:15:27 +0100, Dietmar Rieder did cat :
>
>> On 02/12/2010 09:39 PM, D. Stussy wrote:
>>> "Dietmar Rieder"<nospam(a)tugraz.at> wrote in message
>>> news:4b754d12$0$11352$3b214f66(a)aconews.univie.ac.at...
>>>> On 02/12/2010 11:41 AM, Xavier Roche wrote:
>>>>> Dietmar Rieder wrote:
>>>>>> At the MX, we are using several anti-Spam techniques that reject
>>>>>> messages based on different rules and Spam that passes that rules
>>>>>> gets tagged but we (legally) have to forward it to the downstream
>>>>>> servers.
>>>>>
>>>>> Why ? If you reject the spam during the SMTP transaction, you refuse
>>>>> to take the responsibility of the delivery. It is up to the sender to
>>>>> ensure that the original sender knows that his message was not delivered.
>>>>>
>>>>> You do not "delete" nor "bounce" the message in this situation: you just
>>>>> do not want to take it. This clears any responsibility, including
>>>>> risks of bounding a message to an innocent recipient whose email
>>>>> address was forged.
>>>>>
>>>>>> But, unfortunately some of our downstream server use Spam-fighting tools
>>>>>> to reject spammy messages, which in turn leads to a bounce generation at
>>>>>> our MX.
>>>>>
>>>>> You choose to get the "hot potato", and you are screwed. Do not take it.
>>>>
>>>> Well, that's easy to say but not always doable, it's not us to decide
>>>> what to reject and what not, if the message is "technically" ok and
>>>> passed the filters (nolisting, greylisting, reverse lookups,....)
>>>> imposed on the MX. We cannot reject messages based on its content.
>>>> Maybe one can do that on a private server but unfortunately not in our
>>>> environment.
>>>
>>> A solution for your problem was posted last year on this group, and
>>> rejected by consensus.
>>>
>>> You need to modify your server to read the actual extended code
>>> returned (e.g. 5.7.1), and if it's on a particular list, drop the
>>> message instead of generating the NDR bounce message.
>>
>> Ok, thanks. I'll search for the discussion, or do you have a link?
>
> http://groups.google.com/group/comp.mail.sendmail/browse_frm/thread/75ef5cac6f3f6c78/1e327e9a11a5114c?#1e327e9a11a5114c

Thanks a lot!

Didi

From: David F. Skoll on 15 Feb 2010 08:41

Dietmar Rieder wrote:

> One problem with discarding is, that in case of a false positive the
> sender will not notice that the message did not reach the recipient.

??? Yes, but that's what you were asking for. Here's the network diagram:

INTERNET ---> YOUR_RELAY ---> CUSTOMER'S_MTA

You want YOUR_RELAY to change a 5xx reply code to a silently-discard.
I'm saying it's not up to YOUR_RELAY to do that. Instead, CUSTOMER'S_MTA
should silently discard mail it doesn't like if (and only if) the sending
machine is YOUR_RELAY. That's the proper place for such a policy decision.

> We are using MIMEDefang, so one thing I was thinking of, was to change
> the return-path (envelop sender) to a local quarantine address in case
> our MX is tagging a message as SPAM, but this might also cause more
> problems than it would help.

That will cause huge problems.

Regards,

David.
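
The relay-side behaviour debated in this thread (read the enhanced status code in the downstream server's 5xx reply and, if it is on a list, drop the message instead of generating an NDR), as an added Python example that is not code from any poster, sendmail or MIMEDefang. The suppress list, the function names and the action labels are assumptions made for illustration; only the code 5.7.1 comes from the thread.

```python
import re

# Assumption: enhanced status codes (RFC 3463) for which the relay drops the
# message rather than bouncing it. 5.7.1 is the code named in the thread.
SUPPRESS_NDR_CODES = {"5.7.1"}

_REPLY_LINE = re.compile(r"^(?P<basic>[245]\d\d)(?P<sep>[ -])(?P<text>.*)$")
_ENHANCED = re.compile(r"^(?P<code>[245]\.\d{1,3}\.\d{1,3})(?:\s|$)")


def parse_reply(raw):
    """Return (basic_code, enhanced_code_or_None, text); accepts multi-line replies."""
    basic, enhanced, texts = None, None, []
    for line in raw.splitlines():
        m = _REPLY_LINE.match(line.strip())
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        if basic is None:
            basic = int(m["basic"])
        elif int(m["basic"]) != basic:
            raise ValueError("reply code changes within one reply")
        text = m["text"]
        e = _ENHANCED.match(text)
        if e:
            # Only trust an enhanced code whose class digit matches the basic code.
            if e["code"][0] == m["basic"][0] and enhanced is None:
                enhanced = e["code"]
            text = text[e.end():]
        texts.append(text.strip())
    if basic is None:
        raise ValueError("empty reply")
    return basic, enhanced, " ".join(t for t in texts if t)


def relay_action(raw_reply):
    """Decide what the relay does after the downstream server's final reply."""
    basic, enhanced, _ = parse_reply(raw_reply)
    if 200 <= basic < 300:
        return "delivered"
    if 400 <= basic < 500:
        return "requeue"   # temporary failure: keep the message queued
    if enhanced in SUPPRESS_NDR_CODES:
        return "drop"      # no NDR is sent, so a false positive goes unnoticed
    return "bounce"        # any other permanent failure still produces an NDR
```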