[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] cracked system?

The Monday 2005-05-16 at 05:57 -0300, Ariel Sabiguero Yawelak wrote:

> > Don't! Simply delete or move them. Never use "reject".
> > 
> Q: Can I delete SPAM and reject NON-SPAM misspelled mail addresses ?
> The problem I have found is that bussines people don't want their customers to
> miss them! I believe that many of you need to handle virtuals like

That's a different case from the original poster's, he is not running his 
own mail service (smtp server). In that case, postfix, sendmail, qmail, 
whatever, will usually reject wrong addresses. Also, wrong user part 
addresses (before the @) can be forwarded to a catchall username.

That's different from a user running SA rejecting email: his own address 
will be on the rejection slip, so he is on one hand saying that address A 
does not exist, and on the other using the same address A to send that! He 
might as well post a 'spam me' notice worldwide, would be more 

> jd
> jdoe
> johndoe
> john_doe
> john.doe
> doej
> doejohn
> doe_john
> all pointing to the same account, but they also want rejects to be sent to the
> sender so they know that the mail didn't reach the intended recipient... all
> of which is true and valid without spam.
> Is it possible to handle both things smoothly?

Uff. It the mail volume is small, you can forward all those to a catchall 
address, then have somebody scan them and forward to the appropriate person 
- with a good spam filter. Or simply return a "unknown user" or "unknown 
address" return code, and have the originator think again and use the 
correct address. This is the typical method, more practical.

Notice that when the smtp server rejects an email, it is [usually] before 
getting the contents of the email. There is no chance to analyze if it is a 
virus or spam, it is rejected in the negotiation phase.

       Carlos Robinson

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here