Why forwarding all email for users is dangerous

June 29, 2007

The problem with forwarding all email for users is that much of the time you wind up forwarding spam email as a result, sometimes a great deal of it. That is: your mail servers wind up sending spam email, often a lot of it, to the places that your users have forwarded their emails. There are two consequences of this.

First, these days large Internet providers like Yahoo don't care why you're sending them spam, they just care that you are. When you do send them spam, they react to it by slowing down or stalling all of your email to them in various ways. Which means that all email from your local users to people on Yahoo (or wherever) is going to get delayed (or sometimes outright refused).

Second, a number of places now outright reject spam and viruses at SMTP time. When your users forward their email to such a place, the net result is that you wind up sending bounces back to the claimed origin of the spam, which is almost always forged. There's a term for that these days: backscatter. It's not a good thing.

Not allowing users to forward their email is not an option in a university environment, so the best way we currently have to deal with this is to strongly encourage our users to only forward their non-spam email. We also make sure that our bounces come from a separate machine than regular user email gets sent out from.

(For both political and technical reasons we can't currently reject spam at SMTP time here.)

Written on 29 June 2007.
« Why I don't like inverted if conditionals
The stupidity of being nickled and dimed by vendors »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Fri Jun 29 13:49:10 2007
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.