smtpd_reject_unlisted_recipient
in [Postfix]
|
Prev: Detecting "telnet"?
Next: smtpd_bind_address
From: Ansgar Wiechers on 11 Jun 2010 03:02 On 2010-06-10 Jerrale Gayle wrote: > On 6/10/2010 6:31 PM, Sahil Tandon wrote: >> On Thu, 10 Jun 2010, Jerrale Gayle wrote: >>> I want to accept all mail to non-existent users, then bounce, so >>> that people can't probe for valid users to know wherer to start a >>> brute force. >> >> This is a horrible idea; please do not do this. Google >> 'backscatter'. > > IF I have repeating undeliverable mail being redirected to > postmaster(a)mydomain, I don't see why this would be a bad idea. Because - as Sahil already said - you'll create backscatter that way. Which will cause trouble for every other mail admin in the world and thus get you blacklisted really fast. And rightfully so. Don't do this. Ever. Regards Angar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
From: Charles Marcus on 11 Jun 2010 10:09 On 2010-06-10 5:51 PM, Jerrale Gayle wrote: > smtpd_reject_unlisted_recipient = no > > Would this be better put by itself or under > smtpd_recipient_restrictions = reject_unlisted_recipient=no? > > I want to accept all mail to non-existent users, then bounce, so > that people can't probe for valid users to know wherer to start a > brute force. Horrible idea. If you do this, and your server ever gets hit with a dictionary attack, you *will* be blacklisted, period. As others have said - google 'backscatter' for reasons why. Don't be stupid. The fact that you would even consider doing this says to me that you really need to go back to square one and read and study basic email administration before even attempting to admin your own mail server. -- Best regards, Charles
From: Charles Marcus on 11 Jun 2010 10:11
On 2010-06-10 7:17 PM, Jerrale Gayle wrote: >>> I want to accept all mail to non-existent users, then bounce, so >>> that people can't probe for valid users to know wherer to start a >>> brute force. >> This is a horrible idea; please do not do this. Google 'backscatter'. > IF I have repeating undeliverable mail being redirected to > postmaster(a)mydomain, I don't see why this would be a bad idea. So obviously you didn't google 'backscatter', or if you did, you didn't read the results, or if you did, you didn't comprehend what you read. If you are going to ask for help, you need to be prepared to actually follow the advice you are given. -- Best regards, Charles |