I have a setup of exim4 on domain1 in front of other server, domain2 (with sendmail). Second server have no direct access to internet, so domain1 is MX for domain2. And domain2 is set as hubbed_host in the exim4 on domain1.
When spammer sends message for no_such_user@domain2, its sendmail do a reject:
550 5.1.1 <no_such_user@domain2>... User unknown
Then, exim4 at domain1 do an auto-reply like this:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
no_such_user@domain2
SMTP error from remote mail server after RCPT TO:<no_such_user@domain2>:
host 10.0.0.1 [10.0.0.1]: 550 5.1.1 <no_such_user@domain2>... User
unknown
The spammers uses fake "from" field, and such generated messages are frozen by exim for a long time.
How can I disable some or all autoreplies from exim4? Ideally, I want a filter, if message was not delivered with error "User unknown" than don't generate any autoreply from mailer-daemon.
Thanks!
I think this blog post is what you're looking for.
Your problem is that you're not verifying the recipient address at RCPT time. This is easy to fix.
Use callout verification for the recipient. The "remote" server you talk to is under your control, so this is not abusive.
In the ACL assigned to acl_smtp_rcpt, you have a rule which does "verify = recipient". Without knowing your rules, I can't say exactly what to do. IF this line is in an "accept" block, then just before it you can add another accept block, almost the same, with an added "domains = domain2" restriction and which does "verify = recipient/callout" (adding those 8 characters at the end). If this is in a "require" block, instead of "accept", then after that block you can add a deny block, like:
There are more options to control things like timeouts, actions on deferral, etc. See §40.42 "Additional parameters for callouts" of The Exim Specification (should be "spec.txt" somewhere on your system).