On Fri, 2010-08-20 at 04:45 +0800, Emmanuel Noobadmin wrote: > > > User A sets a vacation message > User A mailbox becomes full > Sender B sends a message, gets an autorespond from User A > Sender B's mailbox is full/invalid (such as spam) and their server > sends a bounce
Error. The autoresponse should have MAIL FROM:<> and thus should never be able to trigger a bounce. If your autoresponse don't have an empty sender, they are a DoS attack waiting to happen. As you seem to be finding out. > User A receives bounce and sends a mailbox full bounce > Sender B server receives bounce and also sends back a mailbox full > bounce... This is an even more egregious error. Your bounces absolutely *MUST* be sent with the empty sender, and must never trigger more bounces in return. -- David Woodhouse Open Source Technology Centre [email protected] Intel Corporation -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
