The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Valid places to redirect mail to?

Discussion in 'E-mail Discussions' started by Mike Peel, Oct 12, 2004.

  1. Mike Peel

    Mike Peel Active Member

    Joined:
    May 1, 2004
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    If you don't want to redirect an email to another email address using the forwarders section in Mail, then where can it be redirected to? As an example, is :blackhole: valid, or should it be :void:? Or do neither exist? And are there any others?

    Thanks,
    Mike Peel
     
  2. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    Blackhole is indeed valid.

    This comes from Cpanel - under the selction noted.
    <snip>
    Default Address Maintenance


    Send all unrouted e-mail for: domanname.com to:

    Hint: You can enter
    :blackhole: to discard all incoming unrouted mail or
    :fail: no such address here to bounce it.

    If you wish to send to multiple address, please seperate them with a comma (,)

    </snip>

    I have been setting to blackhole because of the amount of SPAM and the overhead that fail uses. I just recently changed that.
     
    #2 lloyd_tennison, Oct 12, 2004
    Last edited: Oct 12, 2004
  3. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    You've got it turned around... :blackhole: has the extra overhead... :fail: has less overhead than accepting the message in the ifrst place.


    Mike Peel: Why are you talking about redirecting an address to blackhole using the mail forwarders? The blackhole and fail functions will only work with the mail catchall turned off. This is in Default Address Maintenance.
     
  4. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Not true. I have a few accounts where I get a lot of spam to default emails like webmaster@, sales@, and so on. I leave the default email on and just create forwarders for those to go to ":fail: no such address".

    Mail goes to the default address if there is no POP or forwarder for that particular email address.
     
  5. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    Since when is it less overhead to send a response BACK to the sender of the garbage than to just simply accept it? Just look at it overhead, check, verify, deny, send deny message - and then repeat each time the email is retried, as there are so many servers out there that retry anyway. Most datacenters recommend blackhole over fail for just this reason. Also, why let the spammer know they have a bad address?
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    lloyd, it's been accepted now that since the use of verify = recipient in exim.conf that it is definitely best to use :fail: now.

    The reasons are:

    1. :blackhole: accepts the email and receives it, then sends it to /dev/null. This wastes your bandwidth and actually breaks the SMTP RFC because you're not notifying the sender that the email is undelivered.

    2. :fail: stops the email from being received, because verify = recipient occurs at the RCPT phase of the SMTP exchange before any data has been received. No bounce is sent, the exchange simply termintates with an SMTP error code. This means much less processing resources on your SMTP server, much less bandwidth (you don't actually receive the email) and you maintain RFC compliance by notifying the senders SMTP server that the delivery failed (which spammers ignore and real people appreciate if they've made an addressing mistake).

    So, it is definitely better to use :fail: and any provider telling you otherwise is using out of date information.
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    To address your last point, you can simply install a dictionary attack ACL to prevent that issue, such as the wonderful one over here ;)
    http://www.webumake.com/free/eximdeny.htm

    IMX, it is cheaper to use :fail: plus a dictionary attack ACL then to accepts spam and /dev/null it.
     
  8. Mike Peel

    Mike Peel Active Member

    Joined:
    May 1, 2004
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for your help with clearing that up. :) Can I just ask - if you use :fail:, am I right in thinking that the specific error message would follow it? e.g.:

    :fail: no such address here
    :fail: fred
    :fail: bob

    or am I wrong there?

    Also, is it possible to forward an email to a script?
     
    #8 Mike Peel, Oct 13, 2004
    Last edited: Oct 13, 2004
  9. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Yes, to the first part, you can use your own error message after :fail:

    Yes, to the second part. You can create a Forwarder that pipes to a script instead of sending to an email address. To do that you use the format:

    |/path/to/script/script.pl

    Note that the first character is the pipe character.
     
  10. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    Neat... I didn't realize you could do that, but it does make sense now that I think about it.



    Well, you'd be right if your email server did generate a bounce email and send that back to the from address... (Like older versions of Exchange do, I believe)... that's bad. However, for cpanel servers, because this reject is done during the smtp conversation between servers, it's usually just one line of text... something to the effect of:

    550 5.7.1 Invalid address

    No overhead at all, since the mail isn't accepted... so no disk writing, processing, much less bandwidth, etc.

    Chirpy explains it well too... and the dictionary attack acl too.
     
  11. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    Weird... squirrel, I tried what you said and added an address that's been getting spam and virus bounces sent to it. Set it to :fail: no such user in the mail forwards section...

    But when sending a test email to it to check the error returned I get a rather unexpected error:

    Task 'Main Acct - Sending' reported error (0x800CCC65) : 'Your outgoing (SMTP) e-mail server has reported an internal error. If you continue to receive this message, contact your server administrator or Internet service provider (ISP). The server responded: 503 valid RCPT command must precede DATA'

    I suppose the error makes some sense but it wasn't what I was expecting... is this what everyone will get or is it just Outlook's interpretation? I don't think any of my Exim hacks affect anything here, so I think I have a fairly stock Exim config in this situation.
     
  12. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That's probably Outlooks poor interpretation of the SMTP failure to accept delivery, probably because you're effectively sending it locally. If you try from a third party email (e.g. hotmal, yahoo, etc) you'll probably get a proper bounce message.
     
  13. volume

    volume Member

    Joined:
    Mar 7, 2004
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    so where's the file?

    Hello All,

    :fail: is looking favourable and I may change over all my exisitng accounts to 'that' as a deafult. Does anyone know what and where the file is in a redhat linux environment. I'm sure its easier to change that file rather than logging into each account making the relevant changes and moving on the next.

    Thanks in advance.

    volume.
     
  14. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    The forwarders are in /etc/valiases/domain.tld
     
  15. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    See Chirpy's script here.
     
  16. volume

    volume Member

    Joined:
    Mar 7, 2004
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    just thanks...

    Simple reply to you squirrel - thanks.

    volume.
     
  17. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    No problem. :)
     
  18. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    'sending it locally', as in using smtp auth to login to the server, vs just another mail server sending on the message? I'm actually sending over an ssh tunnel, port 25 on my local machine forwards over ssh to port 25 on my server.

    But anyways, it wasn't too major, and I was prepared to live with it. I was just curious what error people sending to the disabled account would get back. And imho the error I got wasn't all that informative. Maybe I'll test it from my webmail account on another server and see what I get - sometime when I have some extra time.
     
  19. sivadc

    sivadc Active Member

    Joined:
    Dec 10, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Hope someone can help me out here.

    I am using ":fail: address not valid for this domain" on one of my domains. I attempted to test it by sending an email from hotmail and yahoo to an invalid address on the domain. The exim_rejectlog shows the emails being rejected because of an invalid address but I did not receive any notification from either hotmail/yahoo or my mail server. I understand that my mail server will no longer send bounce messages for :fail: but shouldn't the hotmail and yahoo email servers notify me? Is there something that I'm missing?
     
  20. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    They certainly should provide you with the bounce, though it doesn't necessarily follow that they will. Did you check whether the bounce ended up in your Junk/Bulk Mail folder and that you turned off any spam/etc filtering on your webmail account, just incase it's being filtered out somewhere?
     
Loading...

Share This Page