Vernon Schryver wrote:
As I plod through the dozens of messages that appeared in my mailbox
in the last few hours, I'm reminded of another thing that the
IETF/IRTF might do for "single ended filters." Some of those messages
are double bounces from a system that is an MX secondary. The
bounces are for spam that was accepted by the secondary, refused
by the primary, and cannot be returned to the spammer. Even the
most non-network oriented single-ended filter would benefit from
protocols that coordinate MX secondaries.
Many spammers prefer to send to MX secondaries because secondaries
are often not as well filtered as MX primaries. As a result of
the lack of MX secondary coordination protocols, the best advice
for all but large sites is to stop using MX secondaries.
You can make secondary mail server know valid addresses in the domain
and reject the remaining.
Such solutions for sendmail have been discussed a few times in
news:comp.mail.sendmail :
a) virtusertable for non local email domains
b) LDAP based routing [FEATURE(`ldap_routing')]
If you need more details ask on news:comp.mail.sendmail
I suggest to change wording of the recommendation because I also think
that secondary that accept message to invalid address in the domain is
not a good idea.
There are other opportunites for IRTF/IETF work. A protocol missing
from the DCC and other anti-spam systems that use whitelists and have
logs is a way to communcate white-lists logs of rejected mail among
MX secondaries. I keep suggesting rdist/ssh and NFS to operators of
MTAs using the DCC, and but very, very few like those ideas.
--
Andrzej [pl>en: Andrew] Adam Filip http://www.polbox.com/a/anfi/
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg