Loading ...
Sorry, an error occurred while loading the content.

Re: Rejecting mail to unknown users

Expand Messages
  • Wietse Venema
    ... Yes. When a client becomes malware infected, it will send spam with a false sender address, and Postfix will return some of that spam to innocent people.
    Message 1 of 13 , Sep 11, 2013
    • 0 Attachment
      Zel Uneec:
      > On 11.09.2013 14:43, Wietse Venema wrote:
      > > /etc/postfix/main.cf:
      > > smtpd_reject_unlisted_recipient = no
      > > smtpd_recipient_restrictions =
      > > permit_mynetworks
      > > permit_sasl_authenticated
      > > reject_unlisted_recipient
      > > ...
      > > reject_unauth_destination
      > > ...
      > >
      > > It's is very easy to screw this up and become a backscatter source.
      > > That is why "smtpd_reject_unlisted_recipient = no" is not the default
      > > setting.
      > >
      >
      > Thank you Wietse, that is what I was looking for! So, for now, my
      > problem is solved.
      >
      > Just one more thing: Will this setting have some kind of (big) negative
      > impact? I guess not, but just to be sure...

      Yes. When a client becomes malware infected, it will send spam with
      a false sender address, and Postfix will return some of that spam
      to innocent people.

      Wietse
    • Vishal Agarwal
      Is there any way to control the malware infected computer, not to send more then counted or limited messages.
      Message 2 of 13 , Sep 11, 2013
      • 0 Attachment
        Is there any way to control the malware infected  computer, not to send more then counted or limited messages.


        On Wed, Sep 11, 2013 at 6:57 PM, Wietse Venema <wietse@...> wrote:
        Zel Uneec:
        > On 11.09.2013 14:43, Wietse Venema wrote:
        > > /etc/postfix/main.cf:
        > >      smtpd_reject_unlisted_recipient = no
        > >      smtpd_recipient_restrictions =
        > >          permit_mynetworks
        > >          permit_sasl_authenticated
        > >          reject_unlisted_recipient
        > >          ...
        > >          reject_unauth_destination
        > >          ...
        > >
        > > It's is very easy to screw this up and become a backscatter source.
        > > That is why "smtpd_reject_unlisted_recipient = no" is not the default
        > > setting.
        > >
        >
        > Thank you Wietse, that is what I was looking for! So, for now, my
        > problem is solved.
        >
        > Just one more thing: Will this setting have some kind of (big) negative
        > impact? I guess not, but just to be sure...

        Yes. When a client becomes malware infected, it will send spam with
        a false sender address, and Postfix will return some of that spam
        to innocent people.

                Wietse

      • Kris Deugau
        ... Some idiot mail clients (*cough*ManyversionsofOutlook*cough*) don t actually display the SMTP error response to the user, they just pop up a generic Wahh!
        Message 3 of 13 , Sep 11, 2013
        • 0 Attachment
          Mark Goodge wrote:
          > It might help if you explained why you want to do this. What particular
          > problem is being caused by your internal users getting an error message
          > instead of a bounce?

          Some idiot mail clients (*cough*ManyversionsofOutlook*cough*) don't
          actually display the SMTP error response to the user, they just pop up a
          generic "Wahh! Can't do that!" error message.

          Some users are also quite resistant to actually *reading* the text of
          the error (although these users will also have trouble with reading the
          bounce message).

          -kgd
        • lists@rhsoft.net
          ... iPhones do not show the errors at all as well as ignoring the 5xx repsonse a try over months and weeks to send the same message every 5 minutes by
          Message 4 of 13 , Sep 11, 2013
          • 0 Attachment
            Am 11.09.2013 16:52, schrieb Kris Deugau:
            > Mark Goodge wrote:
            >> It might help if you explained why you want to do this. What particular
            >> problem is being caused by your internal users getting an error message
            >> instead of a bounce?
            >
            > Some idiot mail clients (*cough*ManyversionsofOutlook*cough*) don't
            > actually display the SMTP error response to the user, they just pop up a
            > generic "Wahh! Can't do that!" error message

            iPhones do not show the errors at all as well as ignoring the 5xx
            repsonse a try over months and weeks to send the same message
            every 5 minutes by stupidity

            but that is no reason to generate bounces
          • Noel Jones
            ... There are several policy services that implement rate limits. postfwd is one that is commonly used. http://www.postfix.org/SMTPD_POLICY_README.html
            Message 5 of 13 , Sep 11, 2013
            • 0 Attachment
              On 9/11/2013 9:18 AM, Vishal Agarwal wrote:
              > Is there any way to control the malware infected computer, not to
              > send more then counted or limited messages.

              There are several policy services that implement rate limits.
              postfwd is one that is commonly used.

              http://www.postfix.org/SMTPD_POLICY_README.html
              http://www.postfix.org/addon.html#policy



              -- Noel Jones
            • Zel Uneec
              ... Exactly! ... Can you please explain how is this connected? If client is infected, it can send spam with false sender address no matter if sending to uknown
              Message 6 of 13 , Sep 12, 2013
              • 0 Attachment
                On 11.09.2013 16:52, Kris Deugau wrote:
                > Mark Goodge wrote:
                >> It might help if you explained why you want to do this. What particular
                >> problem is being caused by your internal users getting an error message
                >> instead of a bounce?
                >
                > Some idiot mail clients (*cough*ManyversionsofOutlook*cough*) don't
                > actually display the SMTP error response to the user, they just pop up a
                > generic "Wahh! Can't do that!" error message.
                >
                > Some users are also quite resistant to actually *reading* the text of
                > the error (although these users will also have trouble with reading the
                > bounce message).


                Exactly!


                On 11.09.2013 15:27, Wietse Venema wrote:
                >> Thank you Wietse, that is what I was looking for! So, for now, my
                >> problem is solved.
                >>
                >> Just one more thing: Will this setting have some kind of (big) negative
                >> impact? I guess not, but just to be sure...
                >
                > Yes. When a client becomes malware infected, it will send spam with
                > a false sender address, and Postfix will return some of that spam
                > to innocent people.

                Can you please explain how is this connected? If client is infected, it
                can send spam with false sender address no matter if sending to uknown
                recipients is enabled or disabled, if it has access to smtp
                (sasl_authenticated, etc.)?
              • Wietse Venema
                Zel Uneec: [ Charset ISO-8859-2 unsupported, converting... ] ... With the proposed modification, Postfix will not reject spam for an unknown recipient from a
                Message 7 of 13 , Sep 12, 2013
                • 0 Attachment
                  Zel Uneec:
                  [ Charset ISO-8859-2 unsupported, converting... ]
                  > On 11.09.2013 16:52, Kris Deugau wrote:
                  > > Mark Goodge wrote:
                  > >> It might help if you explained why you want to do this. What particular
                  > >> problem is being caused by your internal users getting an error message
                  > >> instead of a bounce?
                  > >
                  > > Some idiot mail clients (*cough*ManyversionsofOutlook*cough*) don't
                  > > actually display the SMTP error response to the user, they just pop up a
                  > > generic "Wahh! Can't do that!" error message.
                  > >
                  > > Some users are also quite resistant to actually *reading* the text of
                  > > the error (although these users will also have trouble with reading the
                  > > bounce message).
                  >
                  >
                  > Exactly!
                  >
                  >
                  > On 11.09.2013 15:27, Wietse Venema wrote:
                  > >> Thank you Wietse, that is what I was looking for! So, for now, my
                  > >> problem is solved.
                  > >>
                  > >> Just one more thing: Will this setting have some kind of (big) negative
                  > >> impact? I guess not, but just to be sure...
                  > >
                  > > Yes. When a client becomes malware infected, it will send spam with
                  > > a false sender address, and Postfix will return some of that spam
                  > > to innocent people.
                  >
                  > Can you please explain how is this connected? If client is infected, it
                  > can send spam with false sender address no matter if sending to uknown
                  > recipients is enabled or disabled, if it has access to smtp
                  > (sasl_authenticated, etc.)?

                  With the proposed modification, Postfix will not reject spam for
                  an unknown recipient from a local or authenticated client, and will
                  instead send a bounce message to the forged sender address.

                  Wietse
                Your message has been successfully submitted and would be delivered to recipients shortly.