> As ISP you can't drop mails because of coming from an open relay that easy.
I do not drop them, i refuse accepting them. It's up to the sending relay to
decide what to do. Usually they get bounced.
So the sender of a valid mail get's an error message containg the URL to the
page explaining the Problems of open relays and telling him to tell his mail
server admin to close the open relay.
> There may be and will be valid emails affected. So tagging gives your users
> the ability to decide themselves (they'll most likely have a nice web
> interface, for us they don't have shell access) what to do with these mails.
And they will never understand what you are talking about. but they'll
complain about the spam they get.
> The patch just introduces the ability to tag mails. It does not change
> qmail-ldap's "normal" behaviour. You can for example block all hosts in
> outputs.orbs.org (via ~/control/rbllist) and only tag all mails in
> dialups.mail-abuse.org (via ~/control/rbltags). It is you decision what to
> do with these tagged mails, bouncing, just deleting or whatever.
I posted this more to learn some other point's of view about this issue.
I currently use rblsmtpd, a separate package which is inserted between
tcpserver and qmail-smtpd and which rejects smtp connection from rbl sites.
This works nice for me since over a year now, i never got any complaint yet.
I just looked into my logs and saw i today rejected two connections from
hostnames who don't reverse-resolve and whois to .com.co (in bogota)
and a shoe manufacturing company in china.
Tell me those were not spammers...
"553 Open relay problem - see http://www.mail-abuse.org/cgi-bin/nph-rss?$IP$";
gives some example spam sent from these sites.
yesterday i had 11 rejected connects from 9 different sites, just 3 of them
having a reverse lookup to some obscure companies.
That's why i like rblsmtpd very much.
But i had once some spammer in los angeles using the mail server from their
ISP, but an non-existant address on our domain...
I did get a lot of double-bounces, about 14 Meg in total...
These mails never passed through our system, the used address never existed.
Currently i get about 5 double bounces a week, but i have just about 600
customers; these double bounces are usually some mails with a bad Return-Path
sent to no longer existing addresses.
If i get multiples and the sender does not reply, i just put the address
into badrcptto, so the mail doesn't get accepted by our system.
Not accepting the message with an error code as soon as the recipient
is sent (the message body not yet) also is much faster and makes much less
traffic; with bouncing the message get's transmitted two or even three times
(double-bounce)
Greetings,
Erich
