Arrrrgh, many thanks for opening my eyes on that. I'm glad about exim's acls, so most of the spammers/virusbots were blocked before my machine spreaded dumb bounces. You're right, I have to retire these routers immediately.
But then: How can I achieve my policy, to 1. Deliver unknown recipients mail to postmaster 2. Send a bounce to the sender, copy of it to postmaster from my check_rcpt acl? If anyone is able to answer this, I will change the topic. In my case, the long faked spam file is now closed. Thanks sebastian Am 16.11.2005 22:16 Uhr schrieb "Fred Viles" unter <[EMAIL PROTECTED]>: > > .... > Since the message gets accepted, this router causes *delivery* to > fail, which results in the DSN (bounce) messages that you see frozen. > It is also presumably causing your server to generate and > successfully deliver collateral spam to innocent third parties whose > valid addresses are forged as the senders of spam and malware > delivered to your system. > > (tests it...) > > Yup. And since you return the full incoming message in the DSN, you > are running an abusable open relay. This will probably get you > blacklisted in due course. > > > You should also delete the last router. I can't emphasize that > enough. You should *not* be generating bounces for messages you did, > after all, accept and deliver (to postmaster). > > - Fred > > > > -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
