avoid bouncing of rejected messages
in [Sendmail]
|
From: Dietmar Rieder on 12 Feb 2010 05:21 Hi, is there a way to avoid bouncing of rejected messages? We have the following situation: Our sendmail server is the MX for many downstream servers to which we are serving incoming messages via LDAP routing, so we know all valid users and do not have the common problem of bouncing messages sent to unknown users at the downstream servers. At the MX, we are using several anti-Spam techniques that reject messages based on different rules and Spam that passes that rules gets tagged but we (legally) have to forward it to the downstream servers. But, unfortunately some of our downstream server use Spam-fighting tools to reject spammy messages, which in turn leads to a bounce generation at our MX. Now, I'd like to avoid bouncing such messages (as they are already Spam), it there a simple way to achieve this? e.g. quarantine instead of bouncing? Didi
From: Xavier Roche on 12 Feb 2010 05:41 Dietmar Rieder wrote: > At the MX, we are using several anti-Spam techniques that reject > messages based on different rules and Spam that passes that rules gets > tagged but we (legally) have to forward it to the downstream servers. Why ? If you reject the spam during the SMTP transaction, you refuse to take the responsibility of the delivery. It is up to the sender to ensure that the original sender knows that his message was not delivered. You do not "delete" nor "bounce" the message in this situation: you just do not want to take it. This clears any responsibility, including risks of bounding a message to an innocent recipient whose email address was forged. > But, unfortunately some of our downstream server use Spam-fighting tools > to reject spammy messages, which in turn leads to a bounce generation at > our MX. You choose to get the "hot potato", and you are screwed. Do not take it.
From: Dietmar Rieder on 12 Feb 2010 07:44 On 02/12/2010 11:41 AM, Xavier Roche wrote: > Dietmar Rieder wrote: >> At the MX, we are using several anti-Spam techniques that reject >> messages based on different rules and Spam that passes that rules gets >> tagged but we (legally) have to forward it to the downstream servers. > > Why ? If you reject the spam during the SMTP transaction, you refuse to > take the responsibility of the delivery. It is up to the sender to > ensure that the original sender knows that his message was not delivered. > > You do not "delete" nor "bounce" the message in this situation: you just > do not want to take it. This clears any responsibility, including risks > of bounding a message to an innocent recipient whose email address was > forged. > >> But, unfortunately some of our downstream server use Spam-fighting tools >> to reject spammy messages, which in turn leads to a bounce generation at >> our MX. > > You choose to get the "hot potato", and you are screwed. Do not take it. Well, that's easy to say but not always doable, it's not us to decide what to reject and what not, if the message is "technically" ok and passed the filters (nolisting, greylisting, reverse lookups,....) imposed on the MX. We cannot reject messages based on its content. Maybe one can do that on a private server but unfortunately not in our environment. Thanks anyway DR
From: D. Stussy on 12 Feb 2010 15:39 "Dietmar Rieder" <nospam(a)tugraz.at> wrote in message news:4b754d12$0$11352$3b214f66(a)aconews.univie.ac.at... > On 02/12/2010 11:41 AM, Xavier Roche wrote: > > Dietmar Rieder wrote: > >> At the MX, we are using several anti-Spam techniques that reject > >> messages based on different rules and Spam that passes that rules gets > >> tagged but we (legally) have to forward it to the downstream servers. > > > > Why ? If you reject the spam during the SMTP transaction, you refuse to > > take the responsibility of the delivery. It is up to the sender to > > ensure that the original sender knows that his message was not delivered. > > > > You do not "delete" nor "bounce" the message in this situation: you just > > do not want to take it. This clears any responsibility, including risks > > of bounding a message to an innocent recipient whose email address was > > forged. > > > >> But, unfortunately some of our downstream server use Spam-fighting tools > >> to reject spammy messages, which in turn leads to a bounce generation at > >> our MX. > > > > You choose to get the "hot potato", and you are screwed. Do not take it. > > Well, that's easy to say but not always doable, it's not us to decide > what to reject and what not, if the message is "technically" ok and > passed the filters (nolisting, greylisting, reverse lookups,....) > imposed on the MX. We cannot reject messages based on its content. > Maybe one can do that on a private server but unfortunately not in our > environment. A solution for your problem was posted last year on this group, and rejected by consensus. You need to modify your server to read the actual extended code returned (e.g. 5.7.1), and if it's on a particular list, drop the message instead of generating the NDR bounce message.
From: David F. Skoll on 13 Feb 2010 15:12
Dietmar Rieder wrote: > At the MX, we are using several anti-Spam techniques that reject > messages based on different rules and Spam that passes that rules gets > tagged but we (legally) have to forward it to the downstream servers. > But, unfortunately some of our downstream server use Spam-fighting tools > to reject spammy messages, which in turn leads to a bounce generation at > our MX. Your downstream users should be told to discard (rather than reject) spam if it originates from your relay machine. If they refuse, then they are deliberately causing you problems and should be cut off. [Our commercial anti-spam solution has the notion of a "friendly network" and it can be told to discard rather than bounce for unwanted content arriving from a friendly network.] Regards, David. |