Darn spammers are tracking who receives mail
After doing a lot of cleanup trying to clear out clogged queues full of spam, I discovered today that spammers are taking advantage of DSNs (see How to get notified).
I had disabled the spamtrap temporarily on most of my servers, and suddenly noticed there was outgoing mail from the spamtrap, which seemed odd. Taking a look at what was in the queue, I found this (email address hidden):
----- The following addresses had successful delivery notifications ----- s...@s... (relayed to non-DSN-aware mailer) (expanded from: s...@s...) ----- Transcript of session follows ----- s...@s...... relayed; expect no further notifications
Searching around I found there's a privacy flag to sendmail called "noreceipts". Checking my config files I found that this is ALREADY ENABLED. So it would seem that it doesn't work, at least under sendmail 8.13.5. I'm still searching for a way to disable the positive DSNs. Trying to send out all the notifies to tell the spammer that they found a good email address is just clogging up my queues.