Re: [CentOS] Kind of OT: internal imap server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Fri, 2006-08-25 at 18:52 +0100, Andy Green wrote:

> > Unfortunately the amount of real mail you intend to handle doesn't
> > relate much to what can happen when you plug into the internet.
> 
> Hm well I run my own MX that is "on the Internet" and have done for a 
> couple of years or more, and I do it with Postfix on a residential cable 
> modem.  I have never had these spamfloods, Every day my daily logs for 
> this and other machines show one or more attempts to relay which fail 
> during SMTP time, so they go somewhere else. 

Do you want some?  My maillog shows 625856 rejects in the last 5 days.
We have had some employee turnover so some are to previously valid
addresses, but most are to things like seg04_831@domain and 
segark862@domain, and so on.

>  Often the recipient on the 
> relaying attempt is undeliverable, they're just interested if you'll 
> take it.  I guess if you take their probes, then you get the Zombie army 
> hammering at the door.

Yes, I suppose this is still a lingering after effect of long ago
having a qmail box answering for that domain (it was an appliance-like
SME server - I wouldn't have set one up like that otherwise...). But
they've been getting rejected at that rate for a couple of years now
and still coming.

> If you set your MTA (whatever it is) up with
> 
>   - reject unknown usernames (much virus mail and a fair amount of spam: 
> gone)

The difficulty here is that my internet-reachable relays don't actually
have any users. 

> Because all of these operate at SMTP transaction time the problems you 
> point out don't result in dodgy bounces that are sent to the alleged 
>  From guy. 

MimeDefang allows checking for valid addresses at the delivery host
during the SMTP transaction before accepting at the relay.  I know there
are ways to propagate all of your usernames and aliases in LDAP or other
network database form so other MTAs could have the same functionality,
but
MimeDefang lets you use the real thing in real time without setting up
other copies.

-- 
   Les Mikesell
     lesmikesell@xxxxxxxxx



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux