Hello guys,

Does anybody knows a way to Bounce Invalid Recipent Email Before it Reaches the Internal EMAIL server using UNTANGLE?

Our previous system was(is) a server running SpamAssassin+Amavis+clamav to filter spam and we found a way to tell PostFix to drop messages destined to INVALID email addresses.

You can read the article at
http://www.itinfusion.ca/anti-spam/postfix-net-ldap-bounce/

The thing is, we're seeing about 40% of incoming SPAM messages to invalid addresses, so basically we're wasting CPU cycles on those.

Any idea?

Thanks a lot.

juank,

I am definitely not a mail system wizard, so I won't pretend to be. I read that article, as well as a Wikipedia entry on Postfix. That sounds like a good solution, though the key is obviously the ability to feed it a list of valid email addresses so that it can know what's good and what's not. It looks like Postfix has a number of storage mechanisms, so finding the one that is the most compatible with your network (AD. LDAP, RDBMS) and establishing a feed would populate that list. Then, configure it to deliver accepted incoming mail into your world. I have obviously oversimplified the process, but that sounds like a good idea.

Yes, but I want to hear an answer from one of the Untangle engineers. I don't want to start modifying the Postfix installation on my Untangle box that may brake another thing later.

You'll have to do this on your email server.

Untangle doesn't have any way of telling which emails are valid mailboxes.
It just filters spam.

You may try turning on tarpit if you don't already - that will save far more CPU (and bandwidth).

What about the ability to bounce the spam as undeliverable at the Untangle box (even if it's to a valid address)? Maybe the spammer is actually checking and removing "bad" addresses. That would save them time and cycles. Do they care about that? I guess if they are making money they would.

You can block and quarantine now. Marking something as undeliverable if it actually is may be a violation of a RFC (don't know for sure). Spammers don't get intimately involved with their job. If they did, there would probably be 50% less spam. Buy the list...import the list...send based on the list...buy another list...

Go to your mailbox, and find the bulk mail addressed to Woodrow Wilson or current occupant. The delivery rate is cheap, and there's always a dummy who will jump at the chance to get Viagra at a 1.0833% discount over the last three chances he had. The internet equivalent of postage stamps may be a good thing.

Yeah, I suppose spammers don't pay that much attention. I know there is at least one client application that will bounce messages as undeliverable. That said, I still get spam. Whether or not that is a violation of RFC, I don't know. Plus, if you consider those bounces fall on deaf ears/eyes, you are just adding to the junk flying around on the wire. Nice, how I countered my own post. :D

Postfix will drop undeliverable mail at or near the edge. I would never volunteer info to a spammer. I got a chuckle with your last sentence. I do that sometimes too.

Juan, I wanted to do the same thing when i started here.

I first thought that was what untangle was doing, until I telnetted into my system and saw exchange say helo :)

What I saw is I would have to redo postfix to answer the emails then have it pass on good ones at the end. I had a stand alone ubuntu server doing this before untangle, and it always made me nervous :)

If you tie Postfix or <insert app here> with a directory that contains a list of valid recipients, a successful LDAP/DB search can allow a send, but an unsuccessful search leads to a black hole. Postfix or <insert app here> would need to be an acceptable relay as far as the mail server is concerned.