spf-discuss
[Top] [All Lists]

Mailserver Question

2004-12-30 11:06:53
We are currently being bombarded by bounced spam messages from a prolific
spammer using not just our domain name, but the FQDN of our mail server. I
don't need to accept messages to this domain, but if I don't, then all
these "USER UNKNOWN" bounces get turned into "mail loops back to me" error
messages to the postmaster. It's too bad that SPF is not more broadly
implemented, as it would quickly terminate this spoofing, but that has
nothing to do with my question.

All these bounces are from legitimate servers (actually most of them are
background servers), and about 1/3 of them terminate their sessions with a
simple QUIT. The other 2/3 terminate with an RSET followed by a QUIT. I am
working on a monitoring program that I intend to arm with SPF, and this
variance in the way sessions are handled has caused me some grief. Does
anyone know why some servers use RSET followed by QUIT, and others just use
QUIT? It seems like a waste of resources to use both.

J.A. Coutts


<Prev in Thread] Current Thread [Next in Thread>