0

When my email server receives mail sent to an unknown local user, should the server send the message back to the sender or should the email just be dropped?

I'm just curious what is most preferred. I can think of cases where both options are helpful and unhelpful. For example, spam that is sent to an unknown local address probably should not be bounced back to the sender because it will most likely be sent back to another unknown address. But in some cases someone could have just made a typo on a legitimate email. Thanks.

Keith Maurino

4 Answers

8

It should be immediately rejected. The sender's mail server should inform the sender about the failure with a non-delivery report.

andrws
    Yes, an SMTP response with a permanent failure error and "no such address" or something like that. Don't generate your own bounce email, don't silently discard. Generating a bounce email (NDR) causes backscatter for spam; silent discard causes valid senders to not know their email was lost. – freiheit Dec 28 '09 at 20:47
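The three behaviours compared in this thread (reject during the SMTP dialogue, accept and then mail a bounce, accept and silently drop), modelled side by side for an honest typo and for spam with a forged sender. This is an added example, not code from any of the answers; the addresses, the `VALID_USERS` set and the function names are constructed for illustration.

```python
# Constructed model, not a real MTA: addresses and domains are made-up samples.
VALID_USERS = {"alice@example.org", "bob@example.org"}
POLICIES = ("reject", "bounce", "discard")

def receive(policy, mail_from, rcpt_to, forged):
    """Model one inbound message under one unknown-recipient policy.

    forged: True when mail_from is not controlled by whoever connected
    (typical for spam), False for an honest sender, e.g. one who made a typo.
    """
    outcome = {
        "reply": "250 2.1.5 Ok",    # what the connecting client sees at RCPT TO
        "ndr_to": None,             # where OUR server mails a bounce, if anywhere
        "submitter_learns": False,  # does the party that sent it find out?
        "backscatter": None,        # uninvolved address that gets our bounce
    }
    if rcpt_to in VALID_USERS:
        return outcome
    if policy == "reject":
        # Refuse during the SMTP dialogue. The connecting side still owns the
        # message, so any report to a human is generated by the sender's MTA.
        outcome["reply"] = "550 5.1.1 User unknown"
        outcome["submitter_learns"] = True
    elif policy == "bounce":
        # Accept, then mail an NDR to the envelope sender, forged or not.
        outcome["ndr_to"] = mail_from
        outcome["submitter_learns"] = not forged
        outcome["backscatter"] = mail_from if forged else None
    elif policy == "discard":
        pass  # accept and drop: nobody is told anything
    else:
        raise ValueError(f"unknown policy: {policy}")
    return outcome

def compare(mail_from, rcpt_to, forged):
    """Run the same message through all three policies."""
    return {p: receive(p, mail_from, rcpt_to, forged) for p in POLICIES}

if __name__ == "__main__":
    cases = [("typo by honest sender", "carol@example.net", "alcie@example.org", False),
             ("spam with forged sender", "victim@example.com", "sales99@example.org", True)]
    for label, mail_from, rcpt_to, forged in cases:
        print(label)
        for policy, out in compare(mail_from, rcpt_to, forged).items():
            print(f"  {policy:8} {out}")
```

Only `bounce` ever produces backscatter, and only `discard` leaves the honest sender uninformed. `submitter_learns` is also the signal that distinguishes a valid address from an invalid one, which is the trade-off the silent-drop answer raises.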
2

If your MTA is handling email from untrusted sources it is generally best to silently drop the email or direct it into a spam bucket without responding. Non-delivery reports can be used by automated attacks to discover valid email addresses - the absence of an NDR implies a valid address. This is the best policy for incoming mail on an Internet-facing server.

On a server handling mail from inside (i.e. trusted) sources it is probably better to generate a non-delivery report if possible. Note that this assumes that the MTA can tell that it has a failed delivery. Detecting failed delivery to external public-facing MTAs may not be possible as they may well be configured not to generate NDRs.

1

I think this is more of a business decision than it is a technical question. Ideally you'd do what ConcernedOfTunbridgeW suggested. He's right that NDRs can help spammers resolve valid from invalid addresses and you don't want to assist them.

The reason this becomes a business decision is that there may be people regularly contacting the business who do not have the address in their address book/history or have it incorrectly stored (ex: a large, public sales staff). If those people contacting your business do not get an NDR, they may assume that their email has been delivered and then be frustrated by the lack of response from the individual they were attempting to contact. In this event, the solution may be worse than the cure.

I'd recommend an internal discussion first before putting a policy like this into place. You may be better off just having someone filter your email for spam/viruses (like Securence or MS Forefront) rather than other technical solutions.

Mr Furious
0

Usually the standard NDR is sufficient. For most users that receive it, it's descriptive enough that they can resend if it was a typo on their part.

DanBig