Rejecting e-mail before it’s accepted by your mailserver

I wasn’t going to write more about mailspam for a while now, but then I saw that someone on another blog was very curious about something I mentioned:

I reject the majority of spam before it’s accepted by my mailserver.

It’s a collection of filters that reject mail based on certain behaviors. Similar filters could probably be built for several mailservers. Mine is Postfix, where a lot has been done to make it configurable, and it’s also possible to use plug-in filters. All of this reduces the number of mails SpamAssassin has to deal with, letting the whole box handle more mail in total. Mine has quite a bit of traffic, and still runs with ridiculously low resource usage. I’ve got constant dictionary spam attacks running, and they don’t even bat an eyelash.

The idea behind these filters is that viruses and spammers behave in certain ways that differ from most legitimate mailservers.

The problem is that some legitimate mailservers are set up by people who don’t know what they’re doing, so you WILL reject a measure of legitimate mail. Care must be taken to make it possible for those senders to contact you even so.

When you reject mail before accepting it, you reject it based on the handshake information you receive from the sending server prior to receiving the e-mail itself. That way the mail never actually leaves the sending server, and the sending server is responsible for sending bounces to the sending e-mail address. That reduces what we call backscatter - endless bounces from legitimate and non-legitimate mail.
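As an added illustration of rejecting on handshake data alone, here is an example plug-in filter for Postfix's policy delegation protocol, written in Python. It is not the author's filter set, which the post does not list; the hostnames, the postmaster exemption and the three behaviour checks are assumptions chosen for the example.

```python
import re
import sys

# Assumptions for this example: names this server owns, and an address that is
# never blocked here so misconfigured but legitimate senders can still reach you.
# SAMPLE is a constructed request in Postfix's policy-delegation format.
OUR_NAMES = {"mail.example.org", "example.org"}
ALWAYS_ACCEPT = {"postmaster@example.org"}
FQDN = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)
SAMPLE = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
          "helo_name=localhost\nsender=someone@sender.example\n"
          "recipient=user@example.org\nclient_address=192.0.2.10\n"
          "client_name=unknown\n\n")

def parse_request(text):
    """Parse name=value lines; a blank line ends the request."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def decide(attrs):
    """Return a Postfix access action using only pre-DATA handshake data."""
    helo = attrs.get("helo_name", "").lower().rstrip(".")
    if attrs.get("recipient", "").lower() in ALWAYS_ACCEPT:
        return "DUNNO"  # no opinion: leave the decision to later restrictions
    if helo in OUR_NAMES:
        return "REJECT HELO claims to be this server"
    if not (helo.startswith("[") and helo.endswith("]")) and not FQDN.match(helo):
        return "REJECT HELO is not a fully qualified hostname"
    if attrs.get("client_name", "unknown") == "unknown":
        # Lookup failures can be temporary, so ask the sender to retry instead.
        return "DEFER_IF_PERMIT client has no verified reverse DNS"
    return "DUNNO"

def respond(request_text):
    """Reply as sent to Postfix: one action line plus a terminating blank line."""
    return "action=%s\n\n" % decide(parse_request(request_text))

if __name__ == "__main__":  # e.g. run by Postfix spawn(8): requests on stdin
    buf = []
    for line in sys.stdin:
        buf.append(line)
        if line == "\n":
            print(respond("".join(buf)), end="", flush=True)
            buf = []
```

Postfix consults a service like this through `check_policy_service` in `smtpd_recipient_restrictions`; a REJECT returned at that stage reaches the sending server as an SMTP error before any message content is transferred.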

Some mailservers are so broken they’ll send a notification e-mail to the addresses that were used as senders of viruses. And those mailservers are often so broken that their mails are rejected by my mailserver. Let’s just say there are a lot of mailservers out there that are still running by yesterday’s standards.

Run-of-the-mill webhotel mailservers do not use the filters I do. Relatively few mailservers do - yet. So if you want to use them, you may need to either set up your own server or seek out a mailserver that does include them. Edit: Run-of-the-mill webhotel mailservers DO reject mail to nonexistent e-mail addresses, as long as catchall for the domain is turned off. But they won’t reject mail addressed to existing addresses.
