[vox-tech] Virus deluge
Rod Roark
vox-tech@lists.lugod.org
Thu, 29 Jan 2004 06:05:45 -0800
On Wednesday 28 January 2004 11:18 pm, Samuel N. Merritt wrote:
...
> Something that plays nicely with this is to set
>
> local_recipient_maps = $alias_maps, unix:passwd.byname
>
> so that messages to invalid recipients get rejected in the SMTP
> conversation. By default on Debian Woody (postfix 1.1.11), messages get
> accepted for any user, and if the user is invalid, Postfix generates a
> bounce message and sends it out.
>
> Rejecting the message early saves 2*(message size) in bandwidth. This
> gets significant with large worms.
Interesting! Although for me this does not really apply,
as all my published domains are virtual domains, for which
Postfix already rejects invalid users at SMTP time.
> Note that this is now the default in Postfix 2.0. (About time, IMHO.) It
> used to be a FAQ back in the Postfix 1.x days, but it took me a fair bit
> of Googling before I found an old Postfix 1.x FAQ that explained it.
>
> That old FAQ is at
> <http://www.muehlgasse.de/doc/packages/pfixtls/html/faq.html>.
Nice link - a good one to bookmark.
By the way. a quick check tells me that since Sunday afternoon
my server has rejected 2,664 attempts to deliver the MyDoom/Novarg
virus. That's just with body_checks and does not include normal
spam blocking based on source IP. Total rejections are 6,198.
-- Rod