-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Konstantin,
Am Do den 28. Aug 2014 um 0:55 schrieb Konstantin Boyandin: > >> 2. Create 'catchall' router, intercepting all unrouteable addresses (I > >> think this is better solution). > > > > Don't. One type of spammer tries random names at your domain and logs > > for later use (and sale to other spammers) as "verified" any tha > > result in an accepted mail. > > Our (company using Exim installation I talk about) policy is to accept > mail even from those hosts that do not implement SPF/DKIM/whatever else, > even in cases when mail is sent from an IP not verified by SPF and so on > - we have too many legitimate mail that doesn't pass those checks. Thats OK, But it is a difference to accept mails to existing local accounts but with broken SPF/DKIM stuff (what addresses the sender side) and having a catchall router that accepts all mails independent if the address exists locally or not. The first might be ok (I myself would not receive such mails but that is my opinion) the later is a absolute no go. > So currently I have 500 to 1000 of backscatter mail sitting in mail > queue, since it can't be delivered to forged sender of spam sent to > non-existing local addresses. Are there efficient ideas to reduce that > number? So all that mails you accepted while you did not have a local user for that addresses? In that case you have to check if it is legally possible in your region to just drop the mails. Don't, never ever, accept mails to not existing users and don't accept mails to existing users where you want to prevent them from receiving it for any policy reason (like spamchecking or virus checking). If you take the mails you are legally responsible to deliver them; independent if you are able or not. Something different is outgoing mails you received locally _from_ your users. Regards Klaus - -- Klaus Ethgen http://www.ethgen.ch/ pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <[email protected]> Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQGcBAEBCgAGBQJT/wfaAAoJEKZ8CrGAGfasavsL/A1PCdMynlvCTwefhyULK7NN sRODOzY1WLmYxzygvJxNOME0C1MMRv21TC2TUWxj5nuLIrazNuRcI2Lp5Oz1cGqd 96LAx8zHSphfc+xuZilYy2kYH7NpT5nkyLUxSXXxOLrYM8bcCWScGKWXH89IyTS1 fhYvDkflUdwBtGYeAEq1Og+pBKJUUQbA3rUVDb98urpurklDWXprqYAdcf+E/rMA jeSVs99MmckUolMHeHr0IfaDgdhnMzS8Q8M3u2O/1YVlUcFFr+8nmJHFzNVxU0f/ HXp9c+0BgrAFt7DZI3sfBmbMwzDr5DzxySR6nrViQ1/FrtIMt4z7GC60rejA9G7D xzRNSAfRjapdhPcwctFb5SV6zUlYHr1ERYGA+yZzQ791Cb/Xk9KtdBoAb4u8J5Xg 1ZzVWup9mbz+TcPXNfTrP/cBW4ZDyxgqk8jZmPNXRTUSL99v8vOpuN7nc0F0GYoq e94eg93GLBdF18ctnovx75HQ58We4OPD1KYsPAnZqQ== =pr2w -----END PGP SIGNATURE----- -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
