Backscatter from bounces? Is there a way to remove the body content?

jols

One of our hosted customers brings up a very good point:

-- Spam is received to a non-existent address on the server.

-- The reply-to/return path email address is faked but leads to someone's legitimate account.

-- The spam bounces to the legitimate account.

-- Our server acts as a spam-relay as a result.


Is there a way to reconfigure Exim so that the body copy is NOT included in a 550 "The recipient cannot be verified." bounce?
 

chirpy

That does not happen if you use :fail: on the Default Address. It doesn't bounce the email, it denies delivery at the SMTP RCPT stage.
 

sparek-3

If you use :fail: as chirpy has pointed out, your server will not send a bounce message.

The from address may receive a bounce message, but this would be generated by the sending server.

When someone sends an e-mail to your domain, the sending server looks up the MX record for that domain and attempts to connect to that server on port 25. When connected, the server introduces itself, usually with EHLO hostname, where hostname is the name of the server that is connecting to your server. Then the sending server says MAIL FROM: <fromaddress>, where fromaddress is the address the mail is being sent from. Then the sending server says RCPT TO: <toaddress>, where toaddress is the e-mail address on your server that the sending server is trying to reach. If this is not a valid e-mail address on your domain and your default box is set to :fail:, then the transaction stops there. The receiving server does not allow any further transaction. This goes back to the sending server. Now, the sending server may elect to send a bounce message back to fromaddress, which is likely a fake address in the case of a spammer, and this may cause some blacklisting issues, but it would only cause the sending server to become blacklisted, since it is the one that is sending the bounced NDR message.
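
The exchange described in this thread, as an added example that is not part of any poster's reply and is not Exim or cPanel code: a toy Python model of the receiving server that replays the same session under both policies and records which one leaves the receiver owing a bounce to the forged sender. The host names, addresses, the `run_session` helper and the 503 reply text are constructed assumptions.

```python
"""Toy model of the receiving server's side of one SMTP session (added example)."""

LOCAL_USERS = {"info@hosted.example"}  # constructed: the only valid mailbox

# Constructed session: spam with a forged sender, aimed at an unknown mailbox.
SPAM_SESSION = [
    "EHLO sender.example",
    "MAIL FROM:<victim@innocent.example>",
    "RCPT TO:<nosuchuser@hosted.example>",
    "DATA",
]

def run_session(commands, fail_unknown):
    """Return (transcript, bounces) for a list of client command lines.

    fail_unknown=True  models the :fail: default address (reject at RCPT).
    fail_unknown=False models accept-then-bounce, the source of backscatter.
    """
    transcript, bounces = [], []
    sender, accepted, undeliverable = None, [], []

    def reply(cmd, resp):
        transcript.extend([f"C: {cmd}", f"S: {resp}"])

    for cmd in commands:
        upper = cmd.upper()
        if upper.startswith("EHLO"):
            reply(cmd, "250 mx.hosted.example")
        elif upper.startswith("MAIL FROM:"):
            sender = cmd[10:].strip().strip("<>")
            reply(cmd, "250 OK")
        elif upper.startswith("RCPT TO:"):
            rcpt = cmd[8:].strip().strip("<>").lower()
            if rcpt in LOCAL_USERS:
                accepted.append(rcpt)
                reply(cmd, "250 Accepted")
            elif fail_unknown:
                # Refused here: the receiver never takes responsibility for the mail.
                reply(cmd, "550 The recipient cannot be verified.")
            else:
                accepted.append(rcpt)
                undeliverable.append(rcpt)
                reply(cmd, "250 Accepted")
        elif upper == "DATA":
            if not accepted:
                reply(cmd, "503 valid RCPT command must precede DATA")
            else:
                reply(cmd, "250 OK queued")  # 354 + body transfer collapsed into one step
                # Mail was accepted, so failures must now be reported by THIS server.
                bounces += [(sender, r) for r in undeliverable]
    return transcript, bounces
```

With `fail_unknown=True` the bounce list stays empty and any non-delivery report is the connecting server's responsibility; with `fail_unknown=False` the receiver itself owes a bounce to the forged address.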