Date: Mon, 23 Jun 2003 08:48:31 -0600 From: Brett Glass <brett@lariat.org> To: questions@freebsd.org Subject: Eliminating "noise" from secondary MX Message-ID: <4.3.2.7.2.20030623083909.02be3c50@localhost>
next in thread | raw e-mail | index | archive | help
We have a FreeBSD machine, running Sendmail, that's set up as a secondary MX for several domains. Lately, as the tide of spam continues to increase, this machine is sending large volumes of messages to "Postmaster", and this is interfering with normal monitoring of the server. Here's more detail. A spammer sends to a nonexistent address in a domain for which the host is a secondary mail exchanger. Many spammers' software is actually set up to use secondary mail exchangers rather than primaries, because they're less likely to have effective antispam software running. (Even if they use public blacklists, they rarely use a blacklist or whitelist provided by the domain for which they're a secondary.) The secondary mail exchanger tries to send the message on to its destination, but the mail is bounced by the primary mail host (either as spam or because it has been sent to an invalid address). So, the secondary dutifully tries to notify the sender that the message didn't get through. Of course, the "From:" and "Reply-to:" headers of the spam contain either a completely bogus address or one that has quickly been shut down due to spamming. So, the host, not knowing what else to do, sends a notice to Postmaster, saying that the notice to the sender could not be delivered. What's the easiest way to suppress this resource-consuming, mailbox clogging chain reaction? --Brett Glass
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20030623083909.02be3c50>