 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
7 messages in net.sourceforge.lists.courier-maildropRe: [maildropl] Re: maildrop-1.5.3 an...| From | Sent On | Attachments |
|---|---|---|
| Deim Agoston | May 2, 2003 3:51 pm | |
| Sam Varshavchik | May 2, 2003 4:17 pm | |
| Deim Agoston | May 2, 2003 5:03 pm | |
| Deim Agoston | May 3, 2003 5:41 am | |
| Aleksey Perov | May 5, 2003 3:00 am | |
| Ken...@muspellsheim.net | May 5, 2003 1:51 pm | |
| Marcio Merlone | May 6, 2003 7:55 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: [maildropl] Re: maildrop-1.5.3 and EX_TEMPFAIL error | Actions... |
|---|---|---|
| From: | Deim Agoston (ag...@lsc.hu) | |
| Date: | May 2, 2003 5:03:53 pm | |
| List: | net.sourceforge.lists.courier-maildrop | |
Sam Varshavchik <mrs...@courier-mta.com> irta:
tell me, why you can't beleive if you just listen to others your respect won't going down and you can make mistakes? Nobody's perfect, you know.
I believe that I am correct.
Yes, I thought, as you implement your software that way :-) But there is another rule: sysexits.h. Enough said.
recipients, only to bounce them later. As such, your server can now be used as a mailbomb proxy.
Oh, yes, I know this kind of attack too.
I accept real mail. I shudder to imagine what's happening to all Qmail relays out there which stupidly accept every turd that's flung at them.
Let the MTA take care of these things.... Postfix and exim have advanced sender verification mechanisms (like sender addres verification, rejecting mail right from the start if it comes from a non-existent host or the sender address differs from the sender machines hostname etc.) What I expect from an MTA? Bounce spams right from the start of the connection or be able to do the verifications described above, filter it trough a virus scanner if availabe then accept the mail for _domains_ the server host and then pass it to the appropiate LDA - built-in or external, just like virtual of postifx or maildrop ( what I configured trough postfix's master.cf.
Here's a security risk for you: mailbomb any Qmail server with a return
I use postfix instead of qmail :-)
address set to a carefully chosen spam domain that's been shutdown, but still has valid MX record, pointing to a dead IP address. Just keep sending mail for a few hours, which should be enough to fill up the disk with bounces that can't go anywhere.
Postfix has the rigth tools and cofiguration options to take care of these things (with a little help from the admin). I can't say I don't see the point in your what you say but you should accept that the people are not the same and many people ot there think that your implementation isn't correct. I didn't wanted to use hard words or offend you but I believe in standards and implemetation based on them.
So, what about a compile time configuration option? Just like: --with-exnouser use the EX_NOUSER value in case of invalid user specified instead of EX_TEMPFAIL which is the default
bye, Ago
----------- Deim Ágoston LSC Linux Support Center Kft. e-mail: deim...@lsc.hu Tel/fax:06-1/341-0457