Hello.
Real-world scenario--that happened to one of my friends: a malicious
user sent huge amount of spam using e-mail address database stored on
a machine. This resulted in that machine's IP and domain name being
rejected by some big free e-mail service providers. Nothing unusual.
So the owner of the company sent an explanation and apologies to
postmasters and roots, but almost all of them bounced. This is
unusual.
My suggestion is: when you configure MTA to not accept e-mail from a
source, it should allow that source to send mail to at least root,
postmaster and hostmaster, or some other configurable accounts.
Please CC me as I'm not subscribed at the moment.
Regards,
Andrzej Kukula
