RE: sendmail blocking

From: Nick White (nwhite_at_avidbio.com)
Date: 09/15/03

    To: <redhat-list@redhat.com>
    Date: Mon, 15 Sep 2003 11:08:09 -0700
    
    

    While I do agree with fixing the cause, and not just the symptom, there
    are other things to take into consideration:

    1: I have many other tasks here besides e-mail admin. If I were to
    contact every spammer and auto-list that sends crap to that person's
    address, that would be a lot of administrative overhead and time
    involved.

    2: As you pointed out, this is often a pointless exercise, as these
    spammers don't really care who they send to. I'm sure they get millions
    of NDRs from each spam run.

    3: Adding ACLs to my router for incoming domains is also a lot. True, I
    would add the offending domain if they were bothering my real users, but
    for a long gone employee, no way.

    4: I don't want a lot of administrative overhead, or resources used for
    this ex-employee. Just reject (or drop) his mail, and don't bother me
    about it.

    As a prank, I added the ex-employee's alias to one of my co-worker's
    mailbox. :) He really liked the 1000% increase in spam!

    The way I have it now, all mail gets rejected for this person, and as
    the administrator I don't receive any NDRs. Bliss.

    Regards,
     - nick

    -----Original Message-----
    From: Kenneth Goodwin [mailto:kgoodwin@datamarktech.com]
    Sent: Monday, September 15, 2003 9:21 AM
    To: redhat-list@redhat.com
    Subject: RE: sendmail blocking

    > [mailto:redhat-list-admin@redhat.com]On Behalf Of Ed Wilts
    > Sent: Monday, September 15, 2003 11:48 AM
    > To: redhat-list@redhat.com
    > Subject: Re: sendmail blocking
    >
    >
    > On Mon, Sep 15, 2003 at 07:53:17AM -0700, Nick White wrote:
    > > I have a quick sendmail question. A server sits between our internal
    > > mail server, and the external world that acts as a mail receiver and
    > > relay box. We do this using the mailertable file. So any mail for
    > > anything@mydomain.com gets forwarded to the internal mail server.
    > >
    > > An employee has been gone for over a year now, and I am seeing TONS of
    > > crap keep coming through for him, and the server is sending back out
    > > NDRs for each failed attempt.
    > >
    > > How can I block messages that come through for him, discarding them
    > > silently without sending NDRs?
    >
    > I'm not sure you can, but I'm reasonably sure that this would violate
    > the RFCs. You're asking an RFC-compliant mailserver to accept mail and
    > then quietly drop it into the bit bucket without notifying the sender?
    > Nasty, nasty...

    Ed,

    Since Nick has been receiving this junk email for a year now and
    his sendmail server has apparently been sending back the required
    "Alice does not live here anymore" messages, and since the remote end
    has failed repeatedly to cease sending the stuff, the RFC should be
    modified to require SMTP servers to send "No such users" automatically
    to the POSTMASTER account for each rejection.
    This will hopefully flood their disk in time and they will finally
    notice that they have an issue. There is a limit to how long one should
    be polite when dealing with remotes that fail or refuse to listen to
    returned error messages.

    Now as postmaster, I get them here once the email has finally bounced,
    and I am assuming the rest of you do as well.
    So what we have here is a failure on the part of the "sending" mail
    administrator to cease the transmission of email upon reception of such
    notices.
    So Nick has no choice here but to dump the stuff and minimize his
    system's load in terms of these senders who are not listening to his
    returns.

    Personally, I attempt to find a human at the source point to "notify".
    If that fails, I would put an ACL block for the source IPs in my border
    router and stop the SMTP conversations altogether. Especially if the
    source was something I had no need to talk to in the first place, namely
    mass marketing mailing lists.

    I have the same issue here, but I have users that have been gone for
    over four years and I have been sending back "No Such user" returns on
    the attempts to the remote ends for as long. They are about to make it
    into my new border router's ACL.
    Too many of the automated marketing lists are not monitored and cleaned
    up as they should be.

    Nick, you might want to use the source domain's web site to see if you
    can find a human at the sender's location to scream at. Nail the cause,
    not the symptom, first if you can manage it. Otherwise, block them at
    your firewall or drop the email onto the floor.

    > One way to approach this would be to accept the mail but write a
    > procmail rule that drops the e-mail into /dev/null.
    > I believe that simply this will do it but I have not tested it...
    >
    > :0
    > /dev/null
    >

    -- 
    redhat-list mailing list
    unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    https://www.redhat.com/mailman/listinfo/redhat-list
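
For the question at the top of the thread, one way to refuse the ex-employee's mail on the relay during the SMTP dialogue, so the relay never accepts the message and never has to generate an NDR for it. This is an added example, not configuration posted by anyone in the thread; the address is a placeholder and the file paths assume a standard sendmail layout under /etc/mail.

```conf
# --- /etc/mail/sendmail.mc (m4 source; regenerate sendmail.cf after editing) ---
# Both features are needed for recipient-based entries in the access map.
# Check whether they are already present before adding them.
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl

# --- /etc/mail/access ---
# Rebuild the map after editing:
#   makemap hash /etc/mail/access < /etc/mail/access
#
# ex-employee@mydomain.com is a placeholder for the departed user's address.
#
# Option 1: refuse at RCPT TO with a permanent error.
# The sending host is told "no" while it is still connected, so the failure
# is its problem to report. The relay queues nothing, forwards nothing to the
# internal server via mailertable, and sends no bounce of its own.
To:ex-employee@mydomain.com     ERROR:5.1.1:550 User unknown

# Option 2 (instead of option 1, not in addition): accept and silently drop.
# This is the behaviour the procmail /dev/null recipe aims for, done at the
# relay. Per sendmail's cf/README, DISCARD matched here drops the whole
# message, including copies addressed to other, valid recipients.
#To:ex-employee@mydomain.com    DISCARD
```

Option 1 keeps the server's behaviour visible to legitimate senders who mistype or use a stale address, while still avoiding bounces to the forged return addresses that spam runs typically carry.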