Hans van Zijst wrote,
| What I want is a "permission denied" when a messages is found to be
| spam: I want the message to bounce. Searching through several faqs
| and howto's, I experimented with the EXITCODE, but to no avail. I
| copied an example that first sets EXITCODE and then "HOST=" to abort
| procmail. The abort goes just fine, but no bounce... We use Sendmail
| here, btw.
You're better off. It's one thing to refuse spam during the SMTP dialogue,
but once that has closed and a bounce notice would be addressed to the
envelope sender rather than to the owner of the SMTP sending process, it does
no good and can do some harm.
Spammers do not remove bad addresses from their lists. They sell their lists
and want to brag about how many addresses they have. I closed service with an
ISP and the next day, per their no-forwarding policy, my address there was
bouncing as an unknown user. Over two years later I opened a new account with
them and asked for the same username; within three hour of its activation the
new account was receiving spam at an address that had been bouncing for more
than two years.
Envelope senders on spam are almost all forged. Bouncing to the envelope
sender will do one of the following:
1. It will send the bounce to an invalid address, wasting bandwidth and
accomplishing nothing;
2. It will send the bounce to a victim whose address was forged on the
envelope of the spam message, adding to the harassment this poor person is
getting from post-dialogue bounces of other copies of the same spam, and in
effect the bounce notice that you generate will itself be a form of spam;
3. If it does send the bounce to the spammer, the spammer won't care in the
least and will just keep on spamming you anyway.
On at least two occasions an address of mine has been a victim of what I
described in #2 above: I didn't get many bounces, but someone with a small
mail quota could easily have a mailbox choked with bounces of someone else's
spam and be unable to receive any of his/her own incoming mail. A person in
that position could easily have a case against the systems that sent him/her
the bounces for mail that clearly (s)he didn't send as well as a case against
the spammer.
As to why it doesn't work, perhaps you're actually using Smail (or another MTA
that doesn't care about the exit code of the LDA, or about the exit code of a
program called from an alias or in a .forward file) rather than true Sendmail.
In any case, since it is a violation of SMTP to pretend to accept a message
while actually droppping it on the floor, I'm all for refusing spam during the
SMTP dialogue, but once your smtpd has accepted the message, bouncing it
afterward to the apparent envelope sender is counterproductive against spam.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail