Re: Q about rejected emails (was: RE: [vps-mail] /dev/null in virtusertable on VPS2?

[Scott Wiersdorf <scott@xxxxxxxxxxxx>]

On Thu, Jun 17, 2004 at 01:41:47PM -0500, Look at SomethingCool.com wrote:
> Ok, so I did this... And now when I send email to 
> nosuchuser@xxxxxxxxxxxxxxxx My email client pops up a message telling me
> that there is no such user found on somedomain.com.  Which is true.
> 
> This lead me to wonder if this could result in a denial of service to my
> server, if some spammer sends thousands of spam messages to bogus users
> on somedomain.com and my VPS2 server is sending this message back for
> each bogus email...

By immediately rejecting the connection, you use almost no server
resources (sendmail just returns a "550 5.1.1 bogus@xxxxxxxxxxx User
unknown" message during the SMTP handshake); this is what you want.

I have a domain that receives thousands of bogus joe-job bounces a
day; were I to accept them all and the /dev/null them I would be
wasting far more bandwidth and CPU. By returning the "user unknown"
status, the email message itself is never stored on your server.

The only denial of service possible with this would be a joe-job, and
it wouldn't affect your server (unless one of your legitimate email
addresses was the spoofed "from" address). Even then, there is little
you can do in advance of a joe-job to prevent it.

> On the VPS1, /dev/null in the virtmaps file doesn't have this behavior,
> it seems to silently drop the bogus emails.

While there are some similarities in syntax, VPS 1 virtmaps are not
the same as VPS v2 virtusertable. The VPS 1 was never officially part
of sendmail and was cobbled together to support multiple domains.
virtusertable for VPS v2 is an officially supported feature of
sendmail.

Scott
-- 
Scott Wiersdorf
scott@xxxxxxxxxxxx
======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).