Does the catchall work?

I'm trying to completely remove all e-mails that are not addressed to a valid local user. I get a whole lot of spam to my domain, and as it is configured now - all emails are bounced back to spammer.

I have added a catchall of /dev/null in vexim, and exim main log looks like this:
2009-06-25 07:31:23 1MJhYN-0006Ct-DH => /dev/null <blah@domain.com> R=virtual_domains_catchall T=**bypassed**

When I send mail to domain I don't get a bounce. Does that mean that my solution worked?

chrille112 <chrille@...> (Do 25 Jun 2009 07:41:35 CEST):
>
> I'm trying to completely remove all e-mails that are not addressed to a valid
> local user. I get a whole lot of spam to my domain, and as it is configured
> now - all emails are bounced back to spammer.

If you are talking about bounces as bounce messages generated by your
system, it's a sub-optimal solution ;-)

>
> I have added a catchall of /dev/null in vexim, and exim main log looks like
> this:
> 2009-06-25 07:31:23 1MJhYN-0006Ct-DH => /dev/null <blah@...>
> R=virtual_domains_catchall T=**bypassed**

The message is dumped to /dev/null, thus lost. If this is, what you
want, then it worked. (But the message passed through the wire into your
system.)

> When I send mail to domain I don't get a bounce. Does that mean that my
> solution worked?

Better solution would be to *reject* mails to unknown users at SMTP time
already. This does not generate bounces in your system, and if the
sender just mistyped your address, there is some good chance, that the
senders system generates a bounce to the sender, informing him/her bout
the mistake.  (And the side effect is, that the message gets rejected
already at "RCPT TO", thus not passing any DATA to your system.)

Make sure, that your (local user) router generates an error for unknown
users and that your recipient ACL has a 'require verify = recipient' or
something similar.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -


--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On 25 Jun 2009, at 06:41, chrille112 wrote:

Yes - the transport is bypassed because it would just throw away the  
mail.

But why are you doing this - you are now accepting mail (costing you  
bandwidth, and potentially spam/virus scanning requirements) which you  
throw away, making a black hole in a mail system (always a bad  
thing).  Reject the stuff at SMTP time and make it the problem of the  
sending system.

        Nigel.
--
[ Nigel Metheringham             Nigel.Metheringham@... ]
[ - Comments in this message are my own and not ITO opinion/policy - ]


--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Nigel Metheringham wrote:

But why are you doing this - you are now accepting mail (costing you  
bandwidth, and potentially spam/virus scanning requirements) which you  
throw away, making a black hole in a mail system (always a bad  
thing).  Reject the stuff at SMTP time and make it the problem of the  
sending system.

I have changed a bit, so this is what the log looks like:
2009-06-25 11:07:05 H=([93.125.48.x]) [93.125.48.x] F=<aanuf@domain.com> rejected RCPT <aanuf@domain.com>: No such user

Am I rejecting it at SMTP time now?

On 25/06/2009, chrille112 <chrille@...> wrote:
> I have changed a bit, so this is what the log looks like:
> 2009-06-25 11:07:05 H=([93.125.48.x]) [93.125.48.x] F=<aanuf@...>
> rejected RCPT <aanuf@...>: No such user
>
> Am I rejecting it at SMTP time now?

Yes.

You can use 'exim -bh' with appropriate arguments to simulate an SMTP
session and observe what happens.

Peter


--
Peter Bowyer
Email: peter@...
Follow me on Twitter: twitter.com/peeebeee

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

It seems to be working fine now, but exim main log grows very big and logwatch seems to have a problem parsing it. Is there something I can do so the "unknown user"-lines don't write to log?

Hello,

chrille112 <chrille@...> (So 28 Jun 2009 20:55:26 CEST):
>
> It seems to be working fine now, but exim main log grows very big and
> logwatch seems to have a problem parsing it. Is there something I can do so
> the "unknown user"-lines don't write to log?

I didn't test it, but I just came acrosse a generic router option
"disable_logging", may be, this is, what you're looking for.


    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -


--
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/