On 3/12/2011 3:19 AM, Todd wrote:
Isn't back scatter exactly the intent of the spammer? Send the spam to invalid addresses with a forged return which is where the reject goes.
The reality is that spammers use forged sender addresses so their own accounts don't get nuked. Relying on backscatter to get their message through to _somebody_ is rather pointless, because they've also spammed that address directly, and that most mailer bounces aren't very conducive to getting their message through, and most MTAs won't bounce in the first place.
[This may not be obvious _enough_ to those who love qmail ;-)] It's a side-effect of forging, not a deliberate goal in itself.
But you could be right: back scatter may be so specific that these two scripts would be the only ones ever to go into the folder. "Addresses" or "addressees" or even rcptto.
It's a much bigger issue than just backscatter. This is the proper place to do anything you'd want to at rcpt-to time. Checking for existence, obviously. But also aliasing, tagged addresses, checking for permissible relaying, etc. The idea is to have a single plugin that knows _how_ to do those things, with plugins that it in turn uses to find out the information it needs.
