Re: Disallowing bounces

From: Olav Vitters <olav bkor dhs org>
To: Dave Neary <bolsh gnome org>
Cc: desktop-devel-list gnome org
Subject: Re: Disallowing bounces
Date: Wed, 24 Sep 2008 16:07:55 +0200

On Wed, Sep 24, 2008 at 03:35:52PM +0200, Dave Neary wrote:
> Olav Vitters wrote:
> > Per today the gnome.org mailserver will not accept bounces generated by
> > external systems. This as these things are flooding mailing lists,
> > @gnome.org aliases and the ticketing systems.
> > Note:
> > The server doesn't reject an empty envelope from, it just checks for two
> > content type mime headers. This won't catch all of the bounces, but
> > should prevent most of them.
> 
> Will this result in any false positives i.e. will any legitimate email
> get rejected by the gnome.org server? I'm unsure what a bounce message is.

The emails that appear to arrive from e.g. mailer-daemon or postmaster.
Meaning: the messages that either a mailbox is full, or that the user
doesn't exit. Also known as a DSN (delivery status notification).

Legitimate bounces will be affected. Other mail won't be. The exact
rules are:
/^Content-Type: multipart\/report; report-type=delivery-status;/ REJECT no third-party DSNs
/^Content-Type: message\/delivery-status;/     REJECT no third-party DSNs

Legitimate bounces could be when e.g. the gnome.org mailserver delivers
it to a system which doesn't reject immediately but instead sends a
bounce message.
To avoid rejecting legitimate bounces there is something called BATV.
However, that requires some time to set it. Plus I am not sure if it is
speedy enough (the Postfix implementation) for our system (load seems to
be 2.5-3.5; although today it is at 5+).

> > Further:
> > If you use your @gnome.org alias with some external ISP: Make sure the
> > envelope from does NOT contain @gnome.org or you'll never receive bounce
> > messages. The normal From: can of course contain your @gnome.org alias.
> 
> How do I do this? What's "the envelope from"?

I don't know what application you use. In gmail it will work per
default. Often mail programs such as Evolution do not allow you to
set a different envelope from.

Envelope from simply said the Sender: address or Return-Path. It is
where the error messages go to (SMTP level). The From: is what is in the
header of an email.

Note that the change was made after complaints of 3 @gnome.org alias
users, some who received 500+ bounces in a day. I don't like rejecting
bounces, but am unsure about a good solution; it is difficult to solve
as people use their own mailserver when sending mail with their
@gnome.org alias. This is logical as using the gnome mailserver isn't
supported atm (AFAICS in the config). BATV would btw require people
to use the gnome.org mailserver for them to receive the bounces (it
rewrites the envelope from).

> > PS: People employing challenge response systems should FOAD.
> 
> You could have found a nicer way to say this. Politeness & niceness
> counts for something.

I could, but this was already nice. Getting loads of bounces is one
thing (at least easily able to filter 95% of them), but then again the
1001 different challenge response emails that only serve to make the
problem worse...

-- 
Regards,
Olav

References:
- Re: Disallowing bounces
  - From: Dave Neary

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]