After setting up mailgun to handle inbound mail to Phabricator, I found my mailgun logs were unexpectedly showing a lot of outbound mail to unknown addresses.
This seems to be because Phabricator accepts all inbound mail (at least the mailgun endpoint does), then sends a standard "Error Processing Mail (No Receivers)" mail to the alleged sender (who in the case of spam is likely an innocent victim).
While it does avoid sending the body of the original mail, so isn't perpetuating the spam problem through backscatter, it is still an annoyance, and may lead to complaints against the mailgun account.
- Reject unrecognized destination addresses before the incoming mail is accepted. This should result in the originating server handling the failure as a bounce without implicating the Phabricator installation.
- Document the addresses that inbound mail actually uses, so more specific pattern matching rules can be set up in mailgun instead of a catch_all.
- An option to not send out such Error messages.