Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 48717 - create nospam alias by default
Summary: create nospam alias by default
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Net-Mail Packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-04-22 13:16 UTC by Martin Mokrejš
Modified: 2004-09-26 17:10 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Martin Mokrejš 2004-04-22 13:16:44 UTC
Hi,
  very nice feature, I think it could be done by default:

http://www.jms1.net/qmail/
<quote>
2004-03-25 A friend has become the victim of a "joe-job", meaning that some spammer has decided to use his domain name as the forged "From" address in their spam run. My friend's server is being flooded with hundreds of automated bounce reports from the mail servers of the email addresses which no longer exist, as well as "spam reports" from people calling themselves system administrators who don't know how to inspect the Received: headers of the spam to verify where the messages really came from...

An old trick from sendmail was to create an alias pointing to /dev/null, so that any messages sent to a given address were silently deleted. I wrote a script that I call qmail-nospam which does basically the same thing, but works within the qmail framework.

To set it up, create a .qmail-whatever file which contains one line consisting of a pipe "|" character followed by the location of the script. I usually store the script in /var/qmail/bin for the sake of convenience.

For years I have had a "nospam@..." email address that I use for websites which require an email address in order to access "protected" content, and where I suspect that the web site operator is going to send me spam, or give/sell my email address to a "marketing company" which will send me spam... so they're free to send all the spam they like, directly to my trashcan.

For my friend, the joe-job victim... he can use this same script as the "default" target for his virtual domain, so that these "bounce" messages will be routed directly to his trashcan rather than filling up his mailbox.
</quote>

I suggest installing http://www.jms1.net/qmail/qmail-nospam as /var/qmail/alias/.qmail-nospam. I aggree, to be consistent, ale sendmail and other SMTP users should get it.

Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-04-23 18:51:39 UTC
as the gentoo qmail maintainer, and the maintainer of a reasonably sized mail setup, i'd object to non-standard automatically created mail aliases like this.
i have a nospam@domain already, for users to report spam to.

The message 'Your spam has been ignored' is really pointless as very few people read mail logs (some MTA's don't even log those responses) so you might as well just dump it to /dev/null directly from .qmail-nospam if that is what you really want and be done with it.
Comment 2 Martin Mokrejš 2004-04-25 12:49:31 UTC
Yes, the main reason I've suggested this was just to create .qmail-nospam by default, so that nospam@domain exists. I don't care that much what the script does. it can just copy to /dev/null, doesn't matter for me. I'd just suggest to make the alias, I don't have it by "default" from Gentoo qmail -r13.
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-04-25 14:42:21 UTC
i see no point in just creating nospam@domain in qmail still. if a user needs it, then it's a single command to create it.
Comment 4 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-09-26 17:06:07 UTC
Martin:

After using the qmail-nospam for a while, it has only decreased my traffic by less than 40%, because spammers on seeing that one address works, keep sending emails thinking the address is active.

Here is a new variant I cooked up, that considers mail sent to that address as bad in future, and rejected it in the initial SMTP transaction.
#!/bin/sh
# first eat everything from stdin (makes qmail-local happy)
cat > /dev/null
BDRT=/var/qmail/control/morebadrcptto
/usr/bin/setlock -x $BDRT sh -c "echo \$RECIPIENT >>${BDRT}"
/var/qmail/bin/qmail-newbrt &
echo "Your spam has been ignored - good bye."
exit 0
Comment 5 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-09-26 17:10:08 UTC
depending on permissions 
you may need to take out the '/var/qmail/bin/qmail-newbrt' and cronjob it instead.

also, you may want a different payload, like set iptables to deny any traffic on port 25 from that machine for the next minute.