DevHeads.net

How to fake Per-Recipient Data Responses (PRDR)?

Hello, short of Per-Recipient Data Responses (PRDR) becoming standard,
may I ask how administrators are faking it? I understand you can
temp-fail all but the first rcpt-to, but how to do this in Postfix? Does
it require a custom milter? Surely there must be a published solution
somewhere?

Comments

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Kevin A. McGrail at 10/02/2017 - 10:04

On 10/1/2017 8:15 PM, MRob wrote:
So I'm interested if you can do this in postfix as well.

Regards,
KAM

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Noel Jones at 10/02/2017 - 10:14

On 10/2/2017 10:04 AM, Kevin A. McGrail wrote:

<a href="http://www.postfix.org/postconf.5.html#smtpd_recipient_limit" title="http://www.postfix.org/postconf.5.html#smtpd_recipient_limit">http://www.postfix.org/postconf.5.html#smtpd_recipient_limit</a>

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Kevin A. McGrail at 10/02/2017 - 10:17

On 10/2/2017 11:14 AM, Noel Jones wrote:
Regards,
KAM

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Noel Jones at 10/02/2017 - 10:47

On 10/2/2017 10:17 AM, Kevin A. McGrail wrote:

Yes, for sure. Extra recipients will get a 4xx response.

Note this may *severely* delay deliveries, depending on the sender's
retry policy. If a message arrives with 100 recipients, the sender
will need to retry 99 times, which will likely take a very long time.

-- Noel Jones

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Viktor Dukhovni at 10/02/2017 - 11:09

It violates SMTP standards. Interoperable SMTP servers are required
to accept up to 100 recipients per envelope (message delivery).

Do not cripple SMTP. Make sure your anti-abuse measures do not impede
legitimate email. Avoid techniques that impose behaviour changes on
legitimate email senders.

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Matus UHLAR - f... at 10/03/2017 - 12:22

On 02.10.17 12:09, Viktor Dukhovni wrote:
Agreed. However I know one legitimate reason to do this:
accept spam on abuse@ mailbox (may be spam report), while refuse for others.

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Viktor Dukhovni at 10/03/2017 - 13:24

Sure, you can indeed force mail to "abuse@" and/or "postmaster@" into
a separate envelope from all other recipients, by tempfailing these
at "RCPT TO" if any other recipients have been accepted, and tempfailing
all other recipients after these have been accepted.

Such a policy does not overly fragment multi-recipient messages, and if
you have multiple MX hosts, will typically just cause the rest of the
envelope to be accepted (or rejected) in its entirety when retried at
the next alternate MX.

This does not require PRDR, just tempfail mixtures of spam-lover and
spam-hater recipients in the same envelope, but only works if you have
just two recipient classes, any more, and it starts becoming unreliable
and too costly for legitimate senders.

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Kevin A. McGrail at 10/02/2017 - 11:03

On 10/2/2017 11:47 AM, Noel Jones wrote:
Agreed about the delay.  I accept once and reinject internally with a
milter so there is no delay and 1 email with 100 recipients becomes 100
emails.  But it's nice to know this option exists because it might be
helpful for store and queue internal purposes.  Thanks for pointing it out!

Regards,
KAM

Re: How to fake Per-Recipient Data Responses (PRDR)?

By Matus UHLAR - f... at 10/03/2017 - 12:20

On 02.10.17 12:03, Kevin A. McGrail wrote:
what about rejected e-mail? Do you generate bounces or simply drop them?