I have a domain with a wild card recipient like this in my
virtusertable:

[at] example.com: someuser

When a spammer spoofs a user in this domain, someuser ends up with the
backlash as a rash of non-delivery notifications. I have an SPF
record set up, but not everyone looks at it of course.

I need to keep the wild card in place because this user has set up
hundreds of email addresses for herself.

What I'd like to do is reject only non-delivery notifications ONLY to
wild card addresses like this. Is there any way to do that?

Michael Grant

User-level filter, e.g. procmail or sieve. If header From is mailer-
daemon or postmaster, reject, something like that, although then the
user will not see real bounces, so maybe a more refined rule could
allow bounces for addresses she uses as sender addresses in her mail.

Joe Brennan

In news:1187018063.747881.105410 [at] r34g2000hsd.googlegroups.com,
Joe Brennan <brennan [at] columbia.edu> wrote:

> User-level filter, e.g. procmail or sieve. If header From is mailer-
> daemon or postmaster, reject, something like that, although then the
> user will not see real bounces, so maybe a more refined rule could
> allow bounces for addresses she uses as sender addresses in her mail.

Anyone who wishes to "reject" error messages is either a fuckin' idiot or a
spammer, no exceptions.

Gretch wrote:
> Anyone who wishes to "reject" error messages is either a fuckin' idiot or a
> spammer, no exceptions.

What a moron: Error messages to non-existent users should be
rejected, and the same goes for inbound-only mailboxes (postmaster,
abuse, etc., ...) which cannot send out messages. However, for
postmaster, watch out for the "double-bounce" condition.

What you could also do is look at the "compat" mapping for access.db.
Specifically allow those DSNs for mailboxes that you specifically have
in your virtual domain and have an entry to deny all other DSNs for it.