On Wed, 27 May 2009 09:18:32 -0500, David Favor wrote: > I'm currently running qpsmtpd-async. > > I host many domains and I'd like to protect them all > against backscatter using something like this: > > http://psg.com/~brian/software/authbounce/configure-authbounce.txt > > to add a bounce key to each outgoing message of the form: > > X-bounce-key: $mx-$number;$sender;$timestamp;$key > > This requires all mail sent by every user to go through > qpsmtpd + exim on my local machine.
Seems a little fragile. There aren't many bounces that quote all headers. You'd be better off just rejecting all bounces in qpsmtpd, then you only see "legit" bounces where the remote end issued an immediate 5xx to your Exim's outgoing mail. Of course when I suggest that (here and on other lists) mail admins tend to freak out a bit. But I'm of the opinion that I've barely ever seen a useful full bounce in years. So my qpsmtpd runs a no_bounces plugin, which I believe I've posted here before. Matt.