On Fri, 2006-08-25 at 18:52 +0100, Andy Green wrote:
Unfortunately the amount of real mail you intend to handle doesn't relate much to what can happen when you plug into the internet.
Hm well I run my own MX that is "on the Internet" and have done for a couple of years or more, and I do it with Postfix on a residential cable modem. I have never had these spamfloods, Every day my daily logs for this and other machines show one or more attempts to relay which fail during SMTP time, so they go somewhere else.
Do you want some? My maillog shows 625856 rejects in the last 5 days. We have had some employee turnover so some are to previously valid addresses, but most are to things like seg04_831@domain and segark862@domain, and so on.
Often the recipient on the relaying attempt is undeliverable, they're just interested if you'll take it. I guess if you take their probes, then you get the Zombie army hammering at the door.
Yes, I suppose this is still a lingering after effect of long ago having a qmail box answering for that domain (it was an appliance-like SME server - I wouldn't have set one up like that otherwise...). But they've been getting rejected at that rate for a couple of years now and still coming.
If you set your MTA (whatever it is) up with
- reject unknown usernames (much virus mail and a fair amount of spam:
gone)
The difficulty here is that my internet-reachable relays don't actually have any users.
Because all of these operate at SMTP transaction time the problems you point out don't result in dodgy bounces that are sent to the alleged From guy.
MimeDefang allows checking for valid addresses at the delivery host during the SMTP transaction before accepting at the relay. I know there are ways to propagate all of your usernames and aliases in LDAP or other network database form so other MTAs could have the same functionality, but MimeDefang lets you use the real thing in real time without setting up other copies.