On 06/12/2018 00:02, Jasen Betts via Exim-dev wrote: > NDRs go to the envelope sender, so they will bounce back to a single > address (per message), but there can be several "delayed" messages and > a single bounce (retry timeout exceeded) for each input, so that > provides small-scale amplification, until the timeout is reached, > after that no amplification. > > where available SPF is one mitigation for this. It prevents the attacker > from forging the sender address.
Alternatively, set delay_warning_condition to only send warnings if the email was sent by one of your own users. -- Simon Arlott -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##