Il 11/07/2016 20:16, CarlC Internet Services Service Desk ha scritto:
>*From:*Dan McAllister
>Now I can’t just reply to HOW without adding my 2-cents worth as to
why I think “bounce-no-mailbox” is the WORST of the options:
>-It allows spammers to “mine” your domain for “good” email addresses
(which then get sold!)… how? Send a note to a...@yourdomain.com
<mailto:a...@yourdomain.com>, b...@yourdomain.com <mailto:b...@yourdomain.com>,
etc. For each one that does NOT get a bounceback, you have a good
address! SPAM IT!
>-Once your domain is “mature” (been around a few years), your
“catchall” account will get thousands of emails a day – from spammers
trying to mine your domain!
My question is, would this not lead spammer to try to use your domain
name as a FROM? What I mean by that is, if you’re not bouncing the bad
addresses, then a spammer can use your domain [I know, many don’t
check SPF or where the domain is allowed to send email from records],
to send email outbound. Most email servers will check to see if the
return email address is valid, and qmail would say
anth...@yourdomain.com <mailto:anth...@yourdomain.com> is valid. While
it would get dumped into /dev/null since you have “delete” as the
final destination, I’m not entirely sure allowing all email address
for your domain to work is a good idea.
I know a few years ago, I did have a few customers this happened to.
We had to disable the catch-all and instead, set it to
bounce-no-mailbox. When we did that, the spammers stopped trying to
use the domain as a “from” address [and yes, SPF records made no
difference… it was the open catch-all that led the spammers to use the
domain as a “from” address].
I agree. And, more, hiding addresses is not what our customers ask for.
Our customers want their counterparts to be correctly informed if an
email is not being correctly delivered as well as they want to know if a
message sent has been delivered. Business is business.
Like for phone or fax, they want a 'number not existing' to be shown to
who's calling if number is not existing.
For the same reason, we disabled grey listings years ago, because every
message must be delivered in seconds, and a ten minutes delay is no more
acceptable.
Our job is to make our customer's work simple, figthing SPAM in every
possible way which does not disturb their work.
Regards,
Tonino
Again, YMMV…
Carl
--
------------------------------------------------------------
Inter@zioni Interazioni di Antonio Nati
http://www.interazioni.it to...@interazioni.it
------------------------------------------------------------
