If memory serves me right, there is a proper error code for refusing individual RCPT TO lines.
Dave ----- Original Message ----- From: "felipe" <[EMAIL PROTECTED]> To: "David Stults" <[EMAIL PROTECTED]>; "David Young" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, December 14, 2001 1:26 PM Subject: Re: Instant bounce? > On Friday 14 December 2001 06:53, David Stults wrote: > > That is a possible solution, though I don't know how managable it would be > > on the scale I would have to implement it on. Not that we have a lot of > > turn-over, per se, but as an ISP our customer base is in a constant state > > of flux. After a few months, badrcptto would be pretty big :-). Seems to > > me that the single biggest risk of putting this functionality into qmail > > would be the potential discovery of all valid mail addresses of our > > customers. That would be unfortunate. There might be a way to mitigate > > that risk somewhat, and that is one thing I need to look at before pursuing > > this issue any further. I pride myself on the security of all my systems, > > but I also pride myself on being able to offer a good set of services to > > our customers. It's a difficult balance sometimes. > > > > Dave > > The valid email address discover is the biggest problem of this feature and I > don't think that this problem has an easy solution. > If you drop after some erroneous rcpt to: can appen that some mta (like exim) > that make a single smtp connection for multiple recipient of the same domain > will get bounces after the max retry count. > In which way can you solve this problem ? > You have to consider the fact that this feature can become an _easy_ dos for > your smtp and ldap servers. > > felipe. >
