Make Exim send bounces to postmaster instead of the sender, for non-local sender

Solution 1

The way to do this is with the errors_to directive in the router. I believe Exim also supports some conditionals to do it selectively.
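One way to apply `errors_to` to the `dnslookup` router quoted in the question, as an added example that is not part of the original answer; `postmaster@example.org` is a placeholder for the site's own postmaster address.

```exim
# Added example: the question's dnslookup router plus a conditional errors_to.
# postmaster@example.org is a placeholder address (assumption).
dnslookup:
  debug_print = "R: dnslookup for $local_part@$domain"
  driver = dnslookup
  domains = ! +local_domains
  # Envelope sender is non-empty and its domain is not local: send bounces
  # for this delivery to the local postmaster instead of the sender.
  # In every other case "fail" forces an expansion failure, which leaves
  # the normal bounce-to-sender behaviour in place. An empty {} branch
  # would instead set an empty errors address and discard the bounce.
  errors_to = ${if and{{!eq{$sender_address}{}}\
                {!match_domain{$sender_address_domain}{+local_domains}}}\
                {postmaster@example.org} fail}
  transport = remote_smtp
  same_domain_copy_routing = yes
  # ignore private rfc1918 and APIPA addresses
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
                        255.255.255.255
  no_more
```

Exim only uses the `errors_to` address if it verifies, and it also becomes the envelope sender of the outgoing SMTP delivery, so rejections generated later by downstream MTAs arrive at the postmaster as well.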

Solution 2

Some rules are dumb because they cause more harm than good! And people advocating and creating them know that. I would care more about postmaster ethics than the dumb rules. And I hate dumb rules and obviously the people setting those rules. If you are like me, aware of consequences (see above) and want to screw the rules then sure,

1) Establish sender and recipient verification to secure yourself OR

2) Fail or freeze all null postmaster bounces. Do it with an exim system filter

    system_filter = /etc/exim/screwtherules.exim

    vi /etc/exim/screwtherules.exim

    # Exim filter
    # An empty envelope sender means the message is a bounce
    if $sender_address is ""
    then
      # The recipient's domain is not listed in /etc/localdomains
      if ${lookup{${extract{2}{@}{$recipients}}}lsearch{/etc/localdomains}{yes}{no}} is "no"
      then
        fail text "Delayed bounce message ignored"
        seen finish
      endif
    endif

3) OR create an ACL at acl_smtp_data check time to forward, fail or freeze the null bounce emails being sent to or not to specific hosts. You can extract received header info as described in https://grepular.com/Exim_Trick_to_Extract_Received_Header_IP_Addresses

Solution 3

Your approach violates RFC 5321 where you must deliver or bounce back to sender. There are only very limited exceptions: https://www.rfc-editor.org/rfc/rfc5321#section-6.2

So you have three options

  1. Deliver all bounces to postmaster
    This is invalid. No exceptions. Because there are situations where you discard legitimate bounces (quota exceeded, disk errors, ...) for all senders. Legitimate clients and evil Spammers.
  2. Deliver bounces from relayed mail to postmaster
    This is legitimate. But it leaves a hole where you discard bounces that are not related to content violations (Spam, viruses) but user unknown, mailbox full and the like.
  3. Deliver bounces from relayed mail that indicate content violations to postmaster
    Perfect solution but introduces extended configuration.

Go for option 3. But better would be to disallow forwarding mails or increase Spam filtering before forwarding these mails.

Author by

Reid

Updated on September 18, 2022

Comments

  • Reid
    Reid almost 2 years

    I have a few e-mail aliases that forward to external hosts. Currently, if the external host rejects a message, Exim generates a bounce message and sends it to the original sender. This is bad because if the external host rejects the message as spam (a common case), then I'm a source of backscatter spam.

    Thus, if the sender is non-local, I'd like to send the bounce to postmaster (me) instead. Alternately, sending all bounces to postmaster would be good enough.

    The Exim documentation hints that this can be done ("when a message fails to be delivered ... Exim sends a message to the original sender, or to an alternative configured address", emphasis added), but I couldn't find how.

    For example, here is a log excerpt showing a backscatter spam being created (in this case, the purported source server isn't accepting connections). [email protected] is the purported sender of a spam e-mail to [email protected], which then forwards to [email protected]; GMail then rejects the message and my server creates a bounce to [email protected]. I want that bounce to go to [email protected] instead. (Usernames obfuscated; the rest of the log is verbatim.)

    2011-10-03 12:03:08 1RAkyw-0000cj-45 <= [email protected] H=(gyajnj.com [113.190.35.111] P=esmtp S=33927 [email protected]
    2011-10-03 12:03:09 1RAkyw-0000cj-45 ** [email protected] <[email protected]> R=dnslookup T=remote_smtp: SMTP error from remote mail server after end of data: host gmail-smtp-in.l.google.com [74.125.47.26]: 552-5.7.0 Our system detected an illegal attachment on your message. Please\n552-5.7.0 visit http://mail.google.com/support/bin/answer.py?answer=6590 to\n552 5.7.0 review our attachment guidelines. i3si13239001yhk.107
    2011-10-03 12:03:09 1RAkyz-0000cm-H5 <= <> R=1RAkyw-0000cj-45 U=Debian-exim P=local S=35124
    2011-10-03 12:03:09 1RAkyw-0000cj-45 Completed
    2011-10-03 12:03:30 1RAkyz-0000cm-H5 nacha.net [64.212.215.180] Connection timed out
    2011-10-03 12:03:30 1RAkyz-0000cm-H5 == [email protected] R=dnslookup T=remote_smtp defer (110): Connection timed out
    

    Here is the relevant router:

    dnslookup:
      debug_print = "R: dnslookup for $local_part@$domain"
      driver = dnslookup
      domains = ! +local_domains
      transport = remote_smtp
      same_domain_copy_routing = yes
      # ignore private rfc1918 and APIPA addresses
      ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
                            172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
                            255.255.255.255
      no_more
    
  • Reid
    Reid over 12 years
    I'm a lot more concerned about being a backscatter spam vector than I am about following the RFCs; see en.wikipedia.org/wiki/Backscatter_%28e-mail%29.
  • mailq
    mailq over 12 years
    @Reid Yes I got it. And I support that! So option 3 would fit for pro RFC and against backscatter.
  • Lazy Badger
    Lazy Badger over 12 years
    @Reid - postmaster must follow RFC, Standard Track - without any excuse
  • mailq
    mailq over 12 years
    @LazyBadger Very extreme statement. The RFC 5321 makes exceptions as linked. So his approach is covered in the RFC if you tweak the exceptions a bit.
  • Lazy Badger
    Lazy Badger over 12 years
    @mailq - I disagree and was angry only on statement in common "I'm a lot more concerned about ... than I am about following the RFCs". I hate rfc-ignorant postmasters
  • Reid
    Reid over 12 years
    @mailq: OK, so how do I implement option 3 in Exim? That's what the question is asking.
  • mailq
    mailq over 12 years
    @Reid Now this is the tricky part. I'm no exim guru. I just wanted to outline how you should rephrase the question that someone else can give you the right answer to it.
  • Reid
    Reid over 12 years
    @mailq, OK, one other follow-up question: to which postmaster do you propose sending the bounces? In the above, the purported sending site (i.e., [email protected]) is almost certainly fake, so sending the bounce to that postmaster would still be backscatter spam, just to a different address. And sending it to postmaster at my site (reidster.net) is what I asked for in the first place. I'm confused. Thanks.
  • mailq
    mailq over 12 years
    @Reid you only send a subset of all bounces to you. Only this particular subset where the mail was relayed from outside to outside and then was rejected for content violation. The rest of all the bounces go back to sender as defined in the RFC.