Valid places to redirect mail to?

[Mike Peel]

If you don't want to redirect an email to another email address using the forwarders section in Mail, then where can it be redirected to? As an example, is :blackhole: valid, or should it be :void:? Or do neither exist? And are there any others?

Thanks,
Mike Peel

[lloyd_tennison]

Blackhole is indeed valid.

This comes from Cpanel - under the selction noted.
<snip>
Default Address Maintenance


Send all unrouted e-mail for: domanname.com to:

Hint: You can enter
:blackhole: to discard all incoming unrouted mail or
:fail: no such address here to bounce it.

If you wish to send to multiple address, please seperate them with a comma (,)

</snip>

I have been setting to blackhole because of the amount of SPAM and the overhead that fail uses. I just recently changed that.

[dezignguy]

I have been setting to blackhole because of the amount of SPAM and the overhead that fail uses.

You've got it turned around... :blackhole: has the extra overhead... :fail: has less overhead than accepting the message in the ifrst place.


Mike Peel: Why are you talking about redirecting an address to blackhole using the mail forwarders? The blackhole and fail functions will only work with the mail catchall turned off. This is in Default Address Maintenance.

[PWSowner]

Mike Peel: Why are you talking about redirecting an address to blackhole using the mail forwarders? The blackhole and fail functions will only work with the mail catchall turned off. This is in Default Address Maintenance.

Not true. I have a few accounts where I get a lot of spam to default emails like webmaster@, sales@, and so on. I leave the default email on and just create forwarders for those to go to ":fail: no such address".

Mail goes to the default address if there is no POP or forwarder for that particular email address.

[lloyd_tennison]

You've got it turned around... :blackhole: has the extra overhead... :fail: has less overhead than accepting the message in the ifrst place.

Since when is it less overhead to send a response BACK to the sender of the garbage than to just simply accept it? Just look at it overhead, check, verify, deny, send deny message - and then repeat each time the email is retried, as there are so many servers out there that retry anyway. Most datacenters recommend blackhole over fail for just this reason. Also, why let the spammer know they have a bad address?

[chirpy]

lloyd, it's been accepted now that since the use of verify = recipient in exim.conf that it is definitely best to use :fail: now.

The reasons are:

1. :blackhole: accepts the email and receives it, then sends it to /dev/null. This wastes your bandwidth and actually breaks the SMTP RFC because you're not notifying the sender that the email is undelivered.

2. :fail: stops the email from being received, because verify = recipient occurs at the RCPT phase of the SMTP exchange before any data has been received. No bounce is sent, the exchange simply termintates with an SMTP error code. This means much less processing resources on your SMTP server, much less bandwidth (you don't actually receive the email) and you maintain RFC compliance by notifying the senders SMTP server that the delivery failed (which spammers ignore and real people appreciate if they've made an addressing mistake).

So, it is definitely better to use :fail: and any provider telling you otherwise is using out of date information.

[chirpy]

To address your last point, you can simply install a dictionary attack ACL to prevent that issue, such as the wonderful one over here
http://www.webumake.com/free/eximdeny.htm

IMX, it is cheaper to use :fail: plus a dictionary attack ACL then to accepts spam and /dev/null it.

[Mike Peel]

Thanks for your help with clearing that up. Can I just ask - if you use :fail:, am I right in thinking that the specific error message would follow it? e.g.:

:fail: no such address here
:fail: fred
:fail: bob

or am I wrong there?

Also, is it possible to forward an email to a script?

[chirpy]

Yes, to the first part, you can use your own error message after :fail:

Yes, to the second part. You can create a Forwarder that pipes to a script instead of sending to an email address. To do that you use the format:

|/path/to/script/script.pl

Note that the first character is the pipe character.

[dezignguy]

Not true. I have a few accounts where I get a lot of spam to default emails like webmaster@, sales@, and so on. I leave the default email on and just create forwarders for those to go to ":fail: no such address".

Neat... I didn't realize you could do that, but it does make sense now that I think about it.

Since when is it less overhead to send a response BACK to the sender of the garbage than to just simply accept it? J

Well, you'd be right if your email server did generate a bounce email and send that back to the from address... (Like older versions of Exchange do, I believe)... that's bad. However, for cpanel servers, because this reject is done during the smtp conversation between servers, it's usually just one line of text... something to the effect of:

550 5.7.1 Invalid address

No overhead at all, since the mail isn't accepted... so no disk writing, processing, much less bandwidth, etc.

Chirpy explains it well too... and the dictionary attack acl too.

[dezignguy]

Weird... squirrel, I tried what you said and added an address that's been getting spam and virus bounces sent to it. Set it to :fail: no such user in the mail forwards section...

But when sending a test email to it to check the error returned I get a rather unexpected error:

Task 'Main Acct - Sending' reported error (0x800CCC65) : 'Your outgoing (SMTP) e-mail server has reported an internal error. If you continue to receive this message, contact your server administrator or Internet service provider (ISP). The server responded: 503 valid RCPT command must precede DATA'

I suppose the error makes some sense but it wasn't what I was expecting... is this what everyone will get or is it just Outlook's interpretation? I don't think any of my Exim hacks affect anything here, so I think I have a fairly stock Exim config in this situation.

[chirpy]

That's probably Outlooks poor interpretation of the SMTP failure to accept delivery, probably because you're effectively sending it locally. If you try from a third party email (e.g. hotmal, yahoo, etc) you'll probably get a proper bounce message.

[volume]

Hello All,

:fail: is looking favourable and I may change over all my exisitng accounts to 'that' as a deafult. Does anyone know what and where the file is in a redhat linux environment. I'm sure its easier to change that file rather than logging into each account making the relevant changes and moving on the next.

Thanks in advance.

volume.

[PWSowner]

Hello All,

:fail: is looking favourable and I may change over all my exisitng accounts to 'that' as a deafult. Does anyone know what and where the file is in a redhat linux environment. I'm sure its easier to change that file rather than logging into each account making the relevant changes and moving on the next.

Thanks in advance.

volume.

The forwarders are in /etc/valiases/domain.tld

[PWSowner]

See Chirpy's script here.