On Wednesday 11 February 2004 10:24, Bhavesh Patel wrote:
> thanks for your help
>
> > Without more information on your system it will be difficult to advise
> > you properly, but here are some possibilities:
> >
> > If you're using qmail, install mailfront, goodrcptto, or realrcptto so
> > that you can refuse mail at smtp time that isn't to a good address.
>
> the system i'm on uses sendmail
>
> > Create a file that has all the addresses on your system and whitelist
> > those instead of your domain, then change your docs so that new people
> > know they'll need to confirm once when they first set up their account.
>
> it seems that it would be easiest to whitelist the email addresses that I
> do use. but then what will happen to the non-valid email address emails.
>
> e.g. something bounces back and it and original is from crap@xxxxxxxxxxxx
> tmda challenges it and sends it out to the system server that sent me the
> undeliverable. will they bounce it back to me or will it just drop in
> space after that.
>
> also, if someone sends it to crap@xxxxxxxxxxx and it is from
> crap@xxxxxxxxxxx, tmda will send out a confirmation email. will this just
> happen once and then it will drop, or will there be a feedback loop?
>
> thanks,
>
Don't accept mail for users that don't exist. I'm don't use sendmail, but I'm
sure it has some equivalent of postfix's access maps, in which it can be done
like:
user1@xxxxxxxxxx OK
user2@xxxxxxxxxx OK
user3@xxxxxxxxxx OK
[...]
domain.tld REJECT
If, however, you still want a catchall account, have tmda use hold rather than
confirm for it...unless you think sending confirmation requests to forged
sender addresses is a good idea.:-p
--
Robin Lynn Frank | Director of Operations | Paradigm-Omega, LLC
Email acceptance policy: http://paradigm-omega.com/email_policy.php
_____________________________________________
tmda-users mailing list (tmda-users@xxxxxxxx)
http://tmda.net/lists/listinfo/tmda-users
|