One method used to gather addresses for spamming is to misuse the RCPT TO: command. To illustrate, consider the following fragment of an SMTP session:

RCPT To:<aa@your.domain>
550 5.1.1 <aa@your.domain>... User unknown
RCPT To:<ab@your.domain>
550 5.1.1 <ab@your.domain>... User unknown
RCPT To:<ac@your.domain>
550 5.1.1 <ac@your.domain>... User unknown
RCPT To:<ad@your.domain>
550 5.1.1 <ad@your.domain>... User unknown
RCPT To:<ae@your.domain>
250 2.1.0 <ae@your.domain>... Recipient ok
RCPT To:<af@your.domain>
550 5.1.1 <af@your.domain>... User unknown

Here, some other site has connected to your sendmail and started sending bad RCPT TO: commands for a series of possible usernames. These are alphabetical, but other such abuses might be based on lists of common names. Whenever sendmail replies with a 250, the other site knows that that address is good, and adds it to its list of spam addresses.

With V8.12 and later sendmail it is possible to impose a penalty on sites that send too many bad RCPT TO: commands. You do that by defining the BadRcptThrottle, like this:

O BadRcptThrottle=num                configuration file (V8.12 and later) 
-OBadRcptThrottle=num                command line (V8.12 and later) 
define(`confBAD_RCPT_THROTTLE',`num') mc configuration (V8.12 and later 

Here, num is a textual representation of a positive integer. If num is negative, nonnumeric, or zero (the default), bad RCPT TO: commands are accepted without penalty. If num is positive, only that number of ...

Get Sendmail, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.