Author: Vic Date: To: hampshire Subject: Re: [Hampshire] Sendmail, greylisting and rejecting unknown addresses
> 1. I notice from my mail logs that the greylist milter will tell any > sending server ... to go away for 30 minutes ... when the sending server
> is trying an undeliverable address ... How can I get the milter to
> reject this out of hand, or better, get Sendmail to reject it before
> calling the milter?
It's better that you don't.
If you only apply greylisting to valid addresses, it becomes trivial to
extract your valid address list from your server. This makes it easier for
a spammer to target you.
Just let the greylist do the same for all addresses. It rarely hurts.
> 2. My ISP runs a backup mx for me.
It would be better if they didn't.
Backup MXes have a number of problems - including the spam vector you
describe. They can also give a sender a false sense of having delivered
mail on the odd occasion your server is offline.
Far better just to run one server (for the mail levels we're talking
about, of course). In the event that it is unavailable, a sending MTA will
typically retry for 4 hours before it does anything, and for 5 days before
it bounces the message. So the mail path is intact, RRs are sent when
*relevant* machines receive the mails, and the spam vector is removed.
Unless you have a *really* dodgy Internet connection, I'd ditch the backup.
