> A spammer from an IP address that is denied access sends an email to
> one of are users with a return address of [EMAIL PROTECTED] Our email
> says no and sends notice back to [EMAIL PROTECTED] [EMAIL PROTECTED] is
> not a valid email address at AOL, This sends back a failure notice
> to our user. At this point the user is confused because they don't
> know who this person is and they never sent an email to this person.
The SMTP ACL stops the remote server from ever sending mail to your
server, so _you_ don't send a bounce, only a socket-level rejection.
Eventually, the remote end will stop sending. If it's a compromised
RFC-compliant server or proxy (rather than spammer-specific ratware,
which will give up and move on), it will try to send a bounce message
to the sender (return-path). If this bounce bounces (a double-bounce),
there should be no additional traffic sent, per the loop protection
rules of SMTP.
What you are seeing is more likely a simple Joe Job. The messages
you're receiving, and your logs, are the ultimate indicator of what is
going on at your site. Providing more content would help us determine
the nature of what you perceive to be an increase in bounces due to
your ACL implementation, but which may in fact be unrelated.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
