293103Re: allowing and then dropping wildcard users
- May 13, 2013Noel Jones opined on Sunday 05-May-2013@20:37:44
> On 5/5/2013 3:39 AM, LuKreme wrote:The actual answer was much… odder.
>> I have several domains on my postfix server, and I have one where the owner wants the following behavior:
>> user1@... = real user account
>> user2@... = real user account
>> *@... = mail checks accepted, actual mail dropped.
>> basically, some servers sent a query to the mailserver to see if an email address is accepted by the server, and she wants any email address to pass this check, but for actual emails to any addresses other than user1 or user2 to be dropped.
> This was a common anti-spam technique ~15 years ago when both the
> spammers and anti-spam countermeasures were far cruder.
> No doubt your customer read about this technique in some ancientThe owner of the domain is active on some web forum<1> were each message posted subscribes the user to the thread with no option to disable the subscription. The owner wanted to change his email address on the forum so he would not get the replies posted delivered to his email, but the forum ‘verifies’ that the address is valid by opening an SMTP connection to the server.
> article on avoiding spam. It's good they're trying to educate
> themselves, but they stopped too soon.
Once this was clear I told him to just use user1+junk@... which would deliver the mail to the Junk mailbox and mark it as read on delivery.
> Best practices often change with time. Invite your customer to theI would not allow a wildcard domain that delivered the mail.
> 21st century. Wildcard domains are no longer recommended, and for
> good reasons.
<1> I didn’t ask, he didn’t tell me.
'How do you know I'm mad?' said Alice 'You must be' said the Cat 'or you
wouldn't have come here.'
- << Previous post in topic