disable e-mail forwarding

Driesp

Verified User
Joined
Mar 12, 2007
Messages
168
Location
Belgium
E-mail forwarders on busy servers are causing gmail, hotmail to blacklist.

Gmail and hotmail sees spam characteristics before the message is delivered denying the message.
the exim mailserver has to bounce the message back, in the event also causing backscatter.

And more importantly when the a forwarder is receiving spam (to be forward to gmail or hotmail),
the directadmin server will eventually become blacklisted as it seems to be the origin by gmail and hotmail mailservers.

Nice would be a feature that disables forwarding to external addresses
and rename the current forwarding system to an alias system.

This will cause clients not being able to forward their e-mail towards another external e-mail account.
 
Been here before...... I too would like this feature...... but it will never happen......and maybe when your clients realise forwarders are blocked, no doubt they'll move to another company.

Instead of blocking forwarders, we should tackle the issue.
 
I'm not sure what you mean, Peter.

Do you want it? Or do you think your customers will leave if you have it? I'm confused.

I also believe the issue should be addressed; we should clean email carefully for spam before forwarding.

And my understanding is that we're currently doing this well with latest SpamBlocker exim.conf file used in CustomBuild 2.

Do either of you see a specific problem with incoming spam being forwarded, that we can address?

Note if the issue is with SPF or DKIM settings, that's a separate, also addressable, issue.

And if you really want the feature, I suppose I can figure it out.

But as user Driesp points out, there is a difference between an alias and a forwarder, and exim by default manages them both as forwarders (aliases should in an ideal world be handled at the directory link level). While true aliases will likely not be implemented, off-site forwards can be. Possibly, as you write, at the cost of clients who need the feature.

Jeff
 
Would you like to see a simple DA option to only allow forwarder values if they're on local domains from /etc/virtual/domains? (disabled by default)
Wouldn't be very hard for me to throw in.
Of course, there are ways around it, but it would at least solve it for most cases.
Let me know.

John
 
@John, I am not interested in ability to disable forwarders, because we need to offer this on shared hosting servers. However I would very much like some improvements so that our server is not seen as the sender of the spam (when spam is also forwarded). I posted a reply about this in reply #12 here: http://forum.directadmin.com/showthread.php?t=50059&p=257991#post257991

Here is a quote from my reply linked above, please consider implementing a change to the envelope sender like Google "Best practices for forwarding mail to Gmail" says, here is copy/paste of my post linked above:

Regarding forwarders in DirectAdmin. When customer forwards emails to for example their gmail accounts, then spam is also forwarded. Gmail see the spam as if it is sent from our mail server.

I ask that DirectAdmin can change the forwarders so that the envelope sender is not changed when forwarding emails, so that Gmail don't see it as spam sent from our mail server. Here is a quote from "Best practices for forwarding mail to Gmail" at https://support.google.com/mail/answer/175365?hl=en

We recommend that you do not change the envelope sender when forwarding email to Gmail. Sometimes, when forwarding email, the envelope sender gets changed to your domain. When this happens, Gmail may learn that your domain is sending spam, and will treat other emails from this domain as spam as well.
 
What ditto said, I don't really want to block external forwarders - however, if they do use GMail, then they should ideally do it properly and fetch email for their domains from there, as obviously, unless they use GMail in Google Apps, they send replies using their GMail email anyway.
 
Would you like to see a simple DA option to only allow forwarder values if they're on local domains from /etc/virtual/domains? (disabled by default)
Wouldn't be very hard for me to throw in.
Of course, there are ways around it, but it would at least solve it for most cases.
Let me know.

John

Hi, John.

I would say it is a very useful feature, please just set it to disabled by default, I would happily sacrifice clients who need external redirects in favor of having way better delivery to gmail/yahoo etc.

Cheers!
 
hotmail blocked my vps today, probably because some accounts forward all their mail to a hotmail.com address, including spam. (SpamBlocker isn't perfect)
So i wanted to prevent my users of setting a forwarder to hotmail.
For those who are interested: this is my forwarder_create_pre.sh:
Code:
#!/bin/sh
if [[ "$value" == *"@hotmail.com" ]]; then
        echo "<br><b>Forwarding to hotmail.com is not allowed.</b><br><br>";
        exit 1;
fi
if [[ "$value" == *"@outlook.com" ]]; then
        echo "<br><b>Forwarding to outlook.com is not allowed.</b><br><br>";
        exit 1;
fi
if [[ "$value" == *"@live.com" ]]; then
        echo "<br><b>Forwarding to live.com is not allowed.</b><br><br>";
        exit 1;
fi

exit 0;
 
Thank you. It might be wise to block gmail to in that case. They also start blocking when they get too much spam or mail from 1 ip.
 
Thank you. It might be wise to block gmail to in that case. They also start blocking when they get too much spam or mail from 1 ip.

Is I start blocking gmail I'll make some people angry. I don't have issues with google (yet) even though I have a lot of accounts forwarding to them. Only a few were forwarding to outlook yet still outlook blocked me. I think Microsoft is a lot more aggressive.
 
It's quite logic that people will get angry if you would block gmail. :)
I just posted it as an idea because I don't believe Microsoft is a lot more aggressive then Gmail.
Chances are when you start blocking hotmail.* and outlook.com the abusive customers will start using yahoo.* and gmail.* accounts.
But you're correct, it's better to wait with that until they will start using such accounts.
 
Back
Top