I have a few e-mail aliases that forward to external hosts. Currently, if the external host rejects a message, Exim generates a bounce message and sends it to the original sender. This is bad because if the external host rejects the message as spam (a common case), then I'm a source of backscatter spam.
Thus, if the sender is non-local, I'd like to send the bounce to postmaster (me) instead. Alternately, sending all bounces to postmaster would be good enough.
The Exim documentation hints that this can be done ("when a message fails to be delivered ... Exim sends a message to the original sender, or to an alternative configured address", emphasis added), but I couldn't find how.
For example, here is a log excerpt showing a backscatter spam being created (in this case, the purported source server isn't accepting connections). [email protected] is the purported sender of a spam e-mail to [email protected], which then forwards to [email protected]; GMail then rejects the message and my server creates a bounce to [email protected]. I want that bounce to go to [email protected] instead. (Usernames obfuscated; the rest of the log is verbatim.)
2011-10-03 12:03:08 1RAkyw-0000cj-45 <= [email protected] H=(gyajnj.com [113.190.35.111] P=esmtp S=33927 [email protected]
2011-10-03 12:03:09 1RAkyw-0000cj-45 ** [email protected] <[email protected]> R=dnslookup T=remote_smtp: SMTP error from remote mail server after end of data: host gmail-smtp-in.l.google.com [74.125.47.26]: 552-5.7.0 Our system detected an illegal attachment on your message. Please\n552-5.7.0 visit http://mail.google.com/support/bin/answer.py?answer=6590 to\n552 5.7.0 review our attachment guidelines. i3si13239001yhk.107
2011-10-03 12:03:09 1RAkyz-0000cm-H5 <= <> R=1RAkyw-0000cj-45 U=Debian-exim P=local S=35124
2011-10-03 12:03:09 1RAkyw-0000cj-45 Completed
2011-10-03 12:03:30 1RAkyz-0000cm-H5 nacha.net [64.212.215.180] Connection timed out
2011-10-03 12:03:30 1RAkyz-0000cm-H5 == [email protected] R=dnslookup T=remote_smtp defer (110): Connection timed out
Here is the relevant router:
dnslookup:
debug_print = "R: dnslookup for $local_part@$domain"
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
same_domain_copy_routing = yes
# ignore private rfc1918 and APIPA addresses
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
255.255.255.255
no_more
Some rules are dumb because they cause more harm than good! And people advocating and creating them know that. I would care more about postmaster ethics than the dumb rules. And I hate dumb rules and obviously the people setting those rules. If you are like me, aware of consequences (see above) and want to screw the rules then sure,
1) Establish sender and recipient verification to secure yourself OR
2) Fail or freeze all null postmaster bounces. Do it with an exim system filter
3) OR create an ACL at acl_smtp_data check time to forward, fail or freeze the null bounce emails being sent to or not to specific hosts. You can extract received header info as described in https://grepular.com/Exim_Trick_to_Extract_Received_Header_IP_Addresses
Your approach violates RFC 5321 where you must deliver or bounce back to sender. There are only very limited exceptions: https://www.rfc-editor.org/rfc/rfc5321#section-6.2
So you have three options
This is invalid. No exceptions. Because there are situations where you discard legitimate bounces (quota exceeded, disk errors, ...) for all senders. Legitimate clients and evil Spammers.
This is legitimate. But it leaves a hole where you discard bounces that are not related to content violations (Spam, viruses) but user unknown, mailbox full and the like.
Perfect solution but introduces extended configuration.
Go for option 3. But better would be to disallow forwarding mails or increase Spam filtering before forwarding these mails.
The way to do this is with the
errors_todirective in the router. I believe Exim also supports some conditionals to do it selectively.