virtual users, mailer daemon send mails to non existant recipient and dovecot store it

Sam sr42354 at gmail.com
Wed Aug 24 07:33:07 UTC 2016


Hello Sean,

You're right, I going to switch off the return message too.

Thanks!

Samuel

Le 23/08/2016 à 20:07, Sean Greenslade a écrit :
> On Tue, Aug 23, 2016 at 05:57:37PM +0200, Sam wrote:
>> Hello,
>>
>> Sometime when we receive a spam or virus that is detected as it, mailer
>> daemon send a reply to the sender to inform that the message is a spam or
>> content viruses.
> You probably shouldn't do this. The vast majority of spam / virus emails
> are sent from compromised machines / botnets, use fake return paths, and
> either don't monitor replies, or just use replies to verify that the
> email address is valid and send more spam to it. Or worse, it can turn
> your server into a spamming machine if the return addresses are set to
> other people's email addresses.
>
> There are several valid ways of handling spam, depending on how your
> mail architecture works. One is to reject incoming spam messages at the
> receiving mailserver. The downside is that this leaks information to the
> spammers about what spam methods actually get through or not.
>
> Another method is to accept all incoming messages, then sort /
> quarantine / blackhole any spam. The downside is that this makes your
> server seem more accepting, which may attract more spam.
>
> I personally take the second approach, though which is better will
> definitely depend on how your specific system works.
>
> If you're really dead set on having some sort of auto reply, at the very
> least make it only reply to senders that have historically sent good
> messages (e.g. some sort of whitelist).
>
> --Sean
>



More information about the dovecot mailing list