Re: reject_unknown_recipient_domain

Martin Koeck wrote:
>=20
> I thought using reject_unknown_recipient_domain was an effective way of=
=20
> blocking some sort of spam at a very early stage.
>=20

which kind of spam would this block? let's consider all the possibilities=
:

- local mail (from you to you). this rule doesn't help. it only requires=20
that you domains be wel configured in dns.

- inbound mail which should contain all of the spam. here, your rule=20
only requires that you configure your dns for all your domains. nothing=20
to do with spam

- relay mail. your rule would indeed block mail from these if going to=20
inexistent domains. but you either trust these people (and thus allow'em=20
to realy) or not (and then reject their relay).

- outgoing mail. this is the same as above.


you =F9ay be tempted to use rej*_rcpt_domain if the sender isn't yours,=20
but you'd better don't care and watch the logs. Policies are what you=20
publish, enforcement doesn't mean "prevention". monitoring is generally=20
a better way.