At 11:37 2005-01-24 -0500, Chris Johnson wrote:
Is it possible, and if so then how, to get procmail to mimic an
unknown user bounce by the mail server?
A total waste of time - spammers don't receive email. Messages are either
forged to be from totally bogus places, or they're forged to be from some
hapless individual who is going to receive a bounce for a message he never
sent.
You're better off discarding the unwanted email. I let the MTA deal with
bounces at the SMTP level (basically, my MTA refuses a connection, and the
SENDING mailhost is left having to send the actual bounce -- and if they
were trying to deliver a a forged message, it's their problem - all I've
done is refused it).
One apparently effective but also drastic way to reduce spam seems to be
to just turn off your mail server or account for a week. I'm told the
spam drops by 90 percent.
Your legitimate email drops off pretty sharply too.
I just suffered through a loss of provisioning on my network line and
through a mixup with the telco (who provisions the lines running to the
structure) and the datacomm outfit, the line is identified as having an
order on it, so the datacomm can't re-provision it (they can't tell the
telco what to do). Fortunatley, I have an analog backup up and running,
but it's abysmal.
I know I have a huge anti-spam .procmilrc with tons of signatures
I've gleened from this crap. I'm sure I'm not the only one. And we
run MailScanner which is actually pretty good at catching most of it.
But no where near all of it. And it's starting to take serious CPU to
get through my filter, body searches are tough.
Start with headers and reject messages based on those first.
DNSBLs, implemented at the MTA level, have generally proven to be very
effective at limiting bandwidth loss to spew, since they're used before the
headers and body of the message have been transferred.
So I thought it might be helpful if an unknown user bounce could
be simulated and the mail returned as such. Don't know how much it
would help or even if. Thought it might be worth a shot though.
You've ACCEPTED the entire message by the time procmail sees it. To send a
bounce back, you're going to run some process to mimic the bounce and
submit it to the MSA, which will queue it up for the MTA to deliver (which
may entail it being in the queue for a while), and either it'll eventually
fail after wasting countless cpu cycles, or it'll have delivered the bounce
mimic over your network line to some other host.
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail