Le 07/09/2010 16:17, Noel Jones a écrit :
On 9/7/2010 2:32 AM, Jan-Frode Myklebust wrote:
On Mon, Sep 06, 2010 at 06:29:28PM -0500, Noel Jones wrote:
I fail to see how controlling your users From: addresses will affect
a backscatterer.org listing.
I'm thinking we can accept sending some backscatter to our own
customers, at least as long as it's authenticated backscatter and we can
stop the abuser. We just want to avoid sending backscatter out of our
networks.
That's crazy talk.
Do you have any other suggestions/pointers to what the real problem is?
Don't accept mail you don't intend to deliver, and don't annoy other
sysadmins or remote users. Specifically:
- reject unknown recipients for your local/virtual/relay domains
during the SMTP transaction. Do not accept everything and later
bounce the undeliverables.
- If you do spam and/or virus filtering, either do the filtering
pre-queue so you can reject unwanted mail during SMTP, or accept+tag
or quarantine unwanted mail. Never bounce unwanted mail back to the
reported (forged) sender address.
- Do not use the postfix "reject_unverified_sender" setting unless you
are a very low volume site or you make arrangements to severely limit
the scope of addresses that are verified. Many sysadmins view
verification probes as abusive -- it can appear to be a dictionary
attack.
OP is an ISP providing outbound relay to residential users. his problem
is not easy to solve.
