RE: sendmail blocking
While I do agree with fixing the cause, and not just the symptom, there are other things to take into consideration: 1: I have many other tasks here besides e-mail admin. If I were to contact every spammer and auto-list that sends crap to that person's address, that would be a lot of administrative overhead and time involved. 2: As you pointed out, this is often a pointless exercise, as these spammers don't really care who they send to. I'm sure they get millions of NDRs from each spam run. 3: Adding ACLs to my router for incoming domains is also a lot. True, I would add the offending domain if they were bothering my real users, but for a long gone employee, no way. 4: I don't want a lot of administrative overhead, or resources used for this ex-employee. Just reject (or drop) his mail, and don't bother me about it. As a prank, I added the ex-employee's alias to one of my co-workers mailbox. :) He really liked the 1000% increase in spam! The way I have it now, all mail gets rejected for this person, and as the administrator I don't receive any NDRs. Bliss. Regards, - nick -Original Message- From: Kenneth Goodwin [mailto:[EMAIL PROTECTED] Sent: Monday, September 15, 2003 9:21 AM To: [EMAIL PROTECTED] Subject: RE: sendmail blocking > [mailto:[EMAIL PROTECTED] Behalf Of Ed Wilts > Sent: Monday, September 15, 2003 11:48 AM > To: [EMAIL PROTECTED] > Subject: Re: sendmail blocking > > > On Mon, Sep 15, 2003 at 07:53:17AM -0700, Nick White wrote: > > I have a quick sendmail question. A server sits between > our internal > > mail server, and the external world that acts as a mail > receiver and > > relay box. We do this using the mailertable file. So any mail for > > [EMAIL PROTECTED] gets forwarded to the internal mail server. > > > > An employee has been gone for over a year now, and I am > seeing TONS of > > crap keep coming through for him, and the server is > sending back out > > NDRs for each failed attempt. > > > > How can I block messages that come through for him, discarding them > > silently without sending NDRs? > > I'm not sure you can, but I'm resaonably sure that this would violate > the RFCs. You're asking an RFC-compliant mailserver to > accept mail and > then quietly drop it into the bit bucket without notifying > the sender? > Nasty, nasty... Ed, Since Nick has been receiving this junk email for a year now and his sendmail server has apparently been sending back the required "Alice does not live here anymore" messages. Since the remote end has failed repeatedly to cease sending the stuff, the RFC should be modified to require SMTP servers to send "No such users" automatically to the POSTMASTER account for each rejection. This will hopefully flood their disk in time and they will finally notice that they have an issue. There is a limit to how long one should be polite when dealing with remotes that fail or refuse to listen to returned error messages. Now as postmaster, I get them here once the email has finally bounced, and I am assuming the rest of you do as well. So what we have here is a failure on the part of the "sending" mail administrator to cease the transmission of email upon receiption of such notices. So Nick has no choice here but to dump the stuff and minimize his systems load in terms of these senders who are not listening to his returns. Personally, I attempt to find a human at the source point to "notify". If that fails, I would put a ACL block for the source IP's in my border router and stop the SMTP conversations all together. Especially if the source was something I had no need to talk to in the first place, namely mass marketing mailing lists. I have the same issue here, but I have users that have been gone for over four years and I have been sending back - "No Such user" returns on the attempts to the remote ends for as long. They are about to make it into my new border routers ACL. Too many of the automated marketing lists are not monitored and cleaned up as they should be. Nick, you might want to use the source domain's web site to see if you can find a human at the sender's location to scream at. Nail the cause, not the symptom, first if you can manage it. Otherwise, block them at your firewall or drop the email onto the floor. > One way to approach this would be to accept the mail but write a > procmail rule that drops the e-mail into dev/null. > I believe that simply his will do it but I have not tested it... > > :0 > /dev/null > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: sendmail blocking
> On Mon, Sep 15, 2003 at 07:53:17AM -0700, Nick White wrote: >> I have a quick sendmail question. A server sits between our internal >> mail server, and the external world that acts as a mail receiver and >> relay box. We do this using the mailertable file. So any mail for >> [EMAIL PROTECTED] gets forwarded to the internal mail server. >> >> An employee has been gone for over a year now, and I am seeing TONS of >> crap keep coming through for him, and the server is sending back out >> NDRs for each failed attempt. >> >> How can I block messages that come through for him, discarding them >> silently without sending NDRs? > > I'm not sure you can, but I'm resaonably sure that this would violate > the RFCs. You're asking an RFC-compliant mailserver to accept mail and > then quietly drop it into the bit bucket without notifying the sender? > Nasty, nasty... > > One way to approach this would be to accept the mail but write a > procmail rule that drops the e-mail into dev/null. > I believe that simply his will do it but I have not tested it... > >:0 >/dev/null > > -- > Ed Wilts, Mounds View, MN, USA While that will do it you can save the time of processing the mail by just including the problem name in sendmail's access database with a DROP action. Any incoming mail to that person is immediately dropped into the bit bucket. No notification is sent to the sender. Gerry -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: sendmail blocking
> [mailto:[EMAIL PROTECTED] Behalf Of Ed Wilts > Sent: Monday, September 15, 2003 11:48 AM > To: [EMAIL PROTECTED] > Subject: Re: sendmail blocking > > > On Mon, Sep 15, 2003 at 07:53:17AM -0700, Nick White wrote: > > I have a quick sendmail question. A server sits between > our internal > > mail server, and the external world that acts as a mail > receiver and > > relay box. We do this using the mailertable file. So any mail for > > [EMAIL PROTECTED] gets forwarded to the internal mail server. > > > > An employee has been gone for over a year now, and I am > seeing TONS of > > crap keep coming through for him, and the server is > sending back out > > NDRs for each failed attempt. > > > > How can I block messages that come through for him, discarding them > > silently without sending NDRs? > > I'm not sure you can, but I'm resaonably sure that this would violate > the RFCs. You're asking an RFC-compliant mailserver to > accept mail and > then quietly drop it into the bit bucket without notifying > the sender? > Nasty, nasty... Ed, Since Nick has been receiving this junk email for a year now and his sendmail server has apparently been sending back the required "Alice does not live here anymore" messages. Since the remote end has failed repeatedly to cease sending the stuff, the RFC should be modified to require SMTP servers to send "No such users" automatically to the POSTMASTER account for each rejection. This will hopefully flood their disk in time and they will finally notice that they have an issue. There is a limit to how long one should be polite when dealing with remotes that fail or refuse to listen to returned error messages. Now as postmaster, I get them here once the email has finally bounced, and I am assuming the rest of you do as well. So what we have here is a failure on the part of the "sending" mail administrator to cease the transmission of email upon receiption of such notices. So Nick has no choice here but to dump the stuff and minimize his systems load in terms of these senders who are not listening to his returns. Personally, I attempt to find a human at the source point to "notify". If that fails, I would put a ACL block for the source IP's in my border router and stop the SMTP conversations all together. Especially if the source was something I had no need to talk to in the first place, namely mass marketing mailing lists. I have the same issue here, but I have users that have been gone for over four years and I have been sending back - "No Such user" returns on the attempts to the remote ends for as long. They are about to make it into my new border routers ACL. Too many of the automated marketing lists are not monitored and cleaned up as they should be. Nick, you might want to use the source domain's web site to see if you can find a human at the sender's location to scream at. Nail the cause, not the symptom, first if you can manage it. Otherwise, block them at your firewall or drop the email onto the floor. > One way to approach this would be to accept the mail but write a > procmail rule that drops the e-mail into dev/null. > I believe that simply his will do it but I have not tested it... > > :0 > /dev/null > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: sendmail blocking
On Mon, Sep 15, 2003 at 07:53:17AM -0700, Nick White wrote: > I have a quick sendmail question. A server sits between our internal > mail server, and the external world that acts as a mail receiver and > relay box. We do this using the mailertable file. So any mail for > [EMAIL PROTECTED] gets forwarded to the internal mail server. > > An employee has been gone for over a year now, and I am seeing TONS of > crap keep coming through for him, and the server is sending back out > NDRs for each failed attempt. > > How can I block messages that come through for him, discarding them > silently without sending NDRs? I'm not sure you can, but I'm resaonably sure that this would violate the RFCs. You're asking an RFC-compliant mailserver to accept mail and then quietly drop it into the bit bucket without notifying the sender? Nasty, nasty... One way to approach this would be to accept the mail but write a procmail rule that drops the e-mail into dev/null. I believe that simply his will do it but I have not tested it... :0 /dev/null -- Ed Wilts, Mounds View, MN, USA mailto:[EMAIL PROTECTED] Member #1, Red Hat Community Ambassador Program -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: sendmail blocking
Awesome, it worked. Thanks for all your help here on redhat-list. I noticed that redhat ships sendmail with FEATURE(`blacklist_recipients')dnl already turned on! Thanks, - nick -Original Message- From: MKlinke [mailto:[EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:30 AM To: [EMAIL PROTECTED] Subject: Re: sendmail blocking On Monday 15 September 2003 09:53, Nick White wrote: > Hi redhat-list, > > I have a quick sendmail question. A server sits between our internal > mail server, and the external world that acts as a mail receiver and > relay box. We do this using the mailertable file. So any mail for > [EMAIL PROTECTED] gets forwarded to the internal mail server. > > An employee has been gone for over a year now, and I am seeing TONS > of crap keep coming through for him, and the server is sending back > out NDRs for each failed attempt. > > How can I block messages that come through for him, discarding them > silently without sending NDRs? > > Thanks! > - nick Take a look at /usr/share/sendmail-cf/README Search for "blacklist_recipients" and the anti-spam configuration control section of the document. You'll need to enable: FEATURE(`blacklist_recipients') and add your defunct user's email address to your access database. Something like: defunct@REJECT or defunct@ ERROR:blah-blah Regards, Mike Klinke -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: sendmail blocking
On Monday 15 September 2003 09:53, Nick White wrote: > Hi redhat-list, > > I have a quick sendmail question. A server sits between our internal > mail server, and the external world that acts as a mail receiver and > relay box. We do this using the mailertable file. So any mail for > [EMAIL PROTECTED] gets forwarded to the internal mail server. > > An employee has been gone for over a year now, and I am seeing TONS > of crap keep coming through for him, and the server is sending back > out NDRs for each failed attempt. > > How can I block messages that come through for him, discarding them > silently without sending NDRs? > > Thanks! > - nick Take a look at /usr/share/sendmail-cf/README Search for "blacklist_recipients" and the anti-spam configuration control section of the document. You'll need to enable: FEATURE(`blacklist_recipients') and add your defunct user's email address to your access database. Something like: defunct@REJECT or defunct@ ERROR:blah-blah Regards, Mike Klinke -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list