Big discussion over on spam-l about sending bounce messages back to From:
addresses that are forged from worms/viruses.

Part of the thread that started it:

>and the destination mailbox is in a domain we accept mail for, we
>accept the mail.  Postfix by default accepts the mail, even if the end user
>doesn't exist.  It's the way postfix works -- and that is RFC compliant.
>Once the accepted mail is queued, postfix does the more processor
>intensive work, like determining if the recipient is actually valid.
>If the recipient is determined to be invalid, postfix sends the bounce to
>the user in the From: line.

This was part of one reply:

>Configure your MTA to reject non-existent local recipients during the
>SMTP transaction.  It's a one time thing and requires no ongoing
>maintenance.

Basically one fellow says his Postfix bounces back mail to the FROM: even
if it was spoofed, but his Postfix accepts the message completely before
even testing if the user was local. If not local then Postfix generates
the bounce.

I've been following this thread and everyone says to config Postfix to not
bounce messages like that and that it's a Bad Thing(tm).

Our Postfix here is set up so any unknown RCPT TO: are rejected via
check_recipient_access.

But I guess I'm missing something. If a worm/person sends using a forged
FROM:, postfix rejects based on the check_recipient_access, is there no
bounce generated? It's just a reject, end of story.

But if postfix was not using check_recipient_access, it would generate a
bounce back to the FROM: since it would have to accept the whole
message, check if the RCPT TO: was local etc, if not a local user,
bounce back to the From: even if it was forged. Is this correct?

I don't know if anyone else follows Spam-l, but for some reason my head is
swimming with this discussion and trying to wrap myself around it.

Basically want to make sure we are a good neighbour and try to follow SOP
mail production.

Thanks,
Keith
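
The two behaviours contrasted in the post, as an added example that is not part of the original message or of Postfix: a small Python model of a receiving MTA handling one message with a forged sender, once rejecting the unknown recipient at RCPT TO and once accepting and bouncing afterwards. The domain, user list, addresses and reply texts are constructed for illustration; the forged sender is modelled as the envelope MAIL FROM address, which is where a bounce is addressed.

```python
"""Model of a receiving MTA handling one message with a forged sender (added example)."""
from dataclasses import dataclass, field

LOCAL_DOMAIN = "example.org"            # assumed: the domain we accept mail for
LOCAL_USERS = {"keith@example.org"}     # assumed: the only valid recipient


@dataclass
class Result:
    smtp_replies: list = field(default_factory=list)  # what the connecting client sees
    bounces_sent: list = field(default_factory=list)  # bounces our own server originates
    delivered: list = field(default_factory=list)


def receive(mail_from, rcpt_to, validate_at_rcpt):
    """Run one SMTP transaction; validate_at_rcpt selects the MTA's policy."""
    r = Result()
    r.smtp_replies.append("250 2.1.0 Ok")             # illustrative reply to MAIL FROM
    if not rcpt_to.endswith("@" + LOCAL_DOMAIN):
        r.smtp_replies.append("554 5.7.1 Relay access denied")
        return r
    if validate_at_rcpt and rcpt_to not in LOCAL_USERS:
        # Rejected inside the SMTP session: nothing is queued, so our server
        # has nothing to bounce. The connecting client only sees the 550.
        r.smtp_replies.append("550 5.1.1 User unknown")
        return r
    r.smtp_replies.append("250 2.1.5 Ok")             # reply to RCPT TO
    r.smtp_replies.append("250 2.0.0 Ok: queued")     # reply after DATA
    # The message is now our responsibility; the recipient lookup happens
    # after the session has ended, so failure can only be reported by mail.
    if rcpt_to in LOCAL_USERS:
        r.delivered.append(rcpt_to)
    elif mail_from:                                   # the null sender <> is never bounced to
        r.bounces_sent.append(mail_from)
    return r


def demo():
    forged = "victim@innocent.example"   # constructed: address the worm forged
    bad_rcpt = "nosuchuser@example.org"  # constructed: non-existent local user
    return receive(forged, bad_rcpt, True), receive(forged, bad_rcpt, False)


if __name__ == "__main__":
    for label, res in zip(("reject at RCPT", "accept then bounce"), demo()):
        print(f"{label}: last reply {res.smtp_replies[-1]!r}, bounces -> {res.bounces_sent}")
```

In the reject case any non-delivery report is the connecting client's job: a worm sends nothing, while a legitimate relaying MTA notifies its own sender.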

