How might one do - have a DELETE rule for badly addressed messages. I
just drop them and forget about it?
is it as easy as: " Set catchall email deleted " from admin
in truth ... i thought you HAD to have a catch all account -- yes - i
would rather not.
thanks
also that strategy of : " giving each user a separate mailbox name and
e-mail address "
yes , that is interesting -- I can see how that would work
....unfortunately in my current situation folks already have the
"configuration " that we have.
but maybe for a new bunch of folks a new domain
thanks for the food for thought ,,, a hardy meal.
jim
On 5/19/2014 10:28 AM, Dan McAllister wrote:
Jim,
Exactly why do you want/need a catchall account at all? Albeit, while
that is far better than having a REJECT rule for badly addressed
messages, it also creates an ongoing headache of someone having to
scan through tons of messages that you KNOW are most likely SPAM.
First, some background -- you can do 3 things with badly addressed
mail messages in QMail:
- reject them
- send them to a catchall account
- delete them
Personally, all of my servers have a DELETE rule for badly addressed
messages. I just drop them and forget about it.
First, most new admins want to use a REJECT option -- tell users they
got a bad email address. This is the WORST option, however! Because of
address phishing, you will get many times more SPAM than otherwise if
you send REJECT messages. Why? Spammers will send 100,000 messages to
your server addressed to [email protected], [email protected] [email protected]...
and so forth (usually, it is actually a dictionary/name attack more
than a brute-force attack, but you get the idea). Their goal is to
send you 100,000 emails and get only 99,998 bounce messages -- and
voila! They have 2 "good" email addresses they can add to their "list
of proven good addresses" that they sell to other spammers.
Just having a domain that is "searchable" that way will increase your
SPAM attacks many-fold! So accept EVERYTHING (they'll stop phishing
when they realize you NEVER reject a message due to a bad address!)
That leaves 2 options:
- keep the bad messages, or
- just silently delete them
In my book, I delete them. If you WANT to read through hundreds (or
thousands) of messages that are nearly always SPAM, that's your
business... but there are other ways to determine that a badly
addressed message was attempted -- like that the recipient never got it!
===
One last tidbit for security: A lot of us are essentially lazy when it
comes to accounts for email. Consider this: if your email address is
your login ID, then a hacker only needs to know your password to break
in! Consider instead, giving each user a separate mailbox name and
e-mail address:
[email protected] is just the email address... it actually is an
alias (forward in QMT) for the mailbox [email protected]. Axyl
needs to know the mailbox name when he sets up his mail clients (or
uses webmail), but other than that, everyone uses axyl@ as the email
address. When an "attacker" wants to break into the mail server for
gunsnroses.com, they can use the name [email protected] until the
cows come back from the moon -- but it'll never work, because that
isn't a valid account.
FWIW: for my corporate accounts, I create a mailbox name (I won't
disclose the formula), and then forwards for the actual user in the
form of: [email protected], [email protected], [email protected],
[email protected], & [email protected] (although first@ is
sometimes omitted)... then the user can tell their
friends/coworkers/associates any of the aliases that they prefer...
and while all work, none are the login name for the user (nor the
mailbox name).
Just food for thought.
Dan McAllister
On 5/19/2014 9:15 AM, Jim Shupert wrote:
Friends,
1st let me say that i have asked this forum for advice on my battele
with spam and I can say that I am enjoying success from the wisdom.
thank you.
a related matter.
I [ the postmaster ] personnally get a lot of spam because I am the
ctach all account.
this means I get spam for ' people who do not exist" - this is 2
catagories.
1- accounts that did exist in the past but no longer. ie billiebob
left - so no [email protected] anymore
2- accounts that have never existed . ie [email protected]
as you might suspect these are largely spam.
My q - what is a suggested means of doing this?
my thoughts are
1. a account is made named [email protected] as catch all and assign it
a quota of 5 MB
2 make [email protected] the catch all.
or
3. no change - meaning leave it so it goes to my mailbox as catch all.
thanks
--
IT4SOHO, LLC
33 - 4th Street N, Suite 211
St. Petersburg, FL 33701-3806
CALL TOLL FREE:
877-IT4SOHO
877-484-7646 Phone
727-647-7646 Local
727-490-4394 Fax
We have support plans for QMail!
