Andy Green wrote:
Les Mikesell wrote:
If you are handling relatively low volumes of mail, say the low tens of thousands a day, and "mail guy" is not a shout you respond to, then I strongly recommend not becoming a white-coated acolyte to these and to make the smaller brain-investment needed to get Postfix working great.
Unfortunately the amount of real mail you intend to handle doesn't relate much to what can happen when you plug into the internet.
Hm, well, I run my own MX that is "on the Internet" and have done for a couple of years or more, and I do it with Postfix on a residential cable modem. I have never had these spam floods. Every day my daily logs for this and other machines show one or more attempts to relay which fail during SMTP time, so they go somewhere else. Often the recipient on the relaying attempt is undeliverable; they're just interested in whether you'll take it. I guess if you take their probes, then you get the Zombie army hammering at the door.
If you set your MTA (whatever it is) up with
- reject unknown usernames (much virus mail and a fair amount of spam: gone)
- reduce the stock usernames in /etc/aliases, keep the RFC ones
- greylist one way or another (10 mins seems to work fine)
- reject non-FQDN HELO
- optionally reject "unknown" HELOs, i.e., alleged mailservers that lack reverse DNS
you will knock out the vast bulk of your enemies before you spend any real CPU or bandwidth on them. So far I have not needed to look at the next step, doing a fake DNS lookup on one of the realtime blackhole lists.
Because all of these operate at SMTP transaction time the problems you point out don't result in dodgy bounces that are sent to the alleged From guy. Anything that can't be talked out of sending dodgy bounces to the alleged From guy would indeed be evil.
I use similar tactics on my postfix setups and have not had any DoS or other successful attacks against any of the servers under my care in the last 8 years or so. And they're all dangling out on the Internet with a big bullseye painted on them. So I think the risk is manageable and not terribly relevant for me. I've got a few servers that are rather busy and have had servers in the past that were handling a few tens of thousands of users.
Understanding and managing the risks associated with being plugged in to the Internet is not an MTA-specific problem. But I daresay that some MTAs are a bit more difficult to understand than others. ;-)
Cheers,
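For readers who want to see what the checklist in the quoted message looks like as Postfix configuration, here is a main.cf fragment added as an illustration; it is not from any poster in the thread. It assumes a single-host Postfix 2.3 or later with local Unix users as recipients and a postgrey policy daemon listening on 127.0.0.1:10023 (postgrey's usual default; its --delay option, in seconds, sets the greylisting delay, so --delay=600 gives the ten minutes mentioned above). Every check is an smtpd restriction, so rejections happen during the SMTP transaction and no bounce is ever generated toward the claimed sender.

```conf
# Added example main.cf fragment, not from the thread. Adapt hostnames,
# networks and the policy service address to your own site.

# Clients must send HELO/EHLO, otherwise the HELO checks below have nothing to test.
smtpd_helo_required = yes

# Unknown local usernames are rejected at RCPT TO time. Postfix does this by
# default when local_recipient_maps is non-empty (the default value is shown);
# 550 makes the rejection permanent instead of a temporary 450.
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
smtpd_reject_unlisted_recipient = yes
unknown_local_recipient_reject_code = 550

smtpd_recipient_restrictions =
    # our own hosts may relay
    permit_mynetworks,
    # never relay for anyone else; relay probes die here, cheaply
    reject_unauth_destination,
    # HELO must be a fully qualified hostname ("reject non-FQDN HELO")
    reject_non_fqdn_helo_hostname,
    # the "unknown HELO" option: client IP has no reverse DNS at all
    reject_unknown_reverse_client_hostname,
    # stricter variant: the HELO name itself must resolve (A or MX); uncomment if wanted
    # reject_unknown_helo_hostname,
    # envelope sender must be a FQDN in a domain that exists
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    # greylisting via postgrey (assumed to run as: postgrey --inet=127.0.0.1:10023 --delay=600)
    check_policy_service inet:127.0.0.1:10023,
    # the "next step" the poster never needed: a DNS blocklist lookup; uncomment to enable
    # reject_rbl_client zen.spamhaus.org,
    permit
```

For the /etc/aliases point, keep at least the RFC 2142 role addresses (postmaster and abuse, and hostmaster or webmaster if you run those services) and remove aliases for software you do not run, then rebuild the database with newaliases. Check the result before going live: `postconf -n` shows the effective non-default settings, and `postfix check` reports syntax problems in the fragment above.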