I just received notification from mxtoolbox.com that our outgoing mail server has been listed by backscatterer.org as a source of backscatter.
The problem is that I can't reproduce the problem except by being a relay host (which the default Exim configuration allows). That spammers would try this route at all seems pretty boneheaded to me, in this age of botnet viruses doing an end-run around mail gateways and all that.

For example, if I were to try to run `exim -bh 206.190.54.127` (one of Yahoo's MXes), I get the following:

    mail from: [email protected]
    250 OK
    rcpt to: [email protected]
    550 Unrouteable address

While trying to do the same thing from an IP address in our relay_from_hosts list generates a bounce message later:

    mail from: [email protected]
    250 OK
    rcpt to: [email protected]
    250 Accepted

So is there some kind of virus out there that goes out of its way to break backscatterer.org by attempting to list every legitimate mail server in the world or something? Because that's the only possible explanation for what's going on here. Spammers trying to actually send spam in this way would just get relay servers DNSBLed in short order, rendering them useless for entire networks.

Or maybe this has more to do with backscatterer.org's Express Delisting "service"? Are they now trying to blackmail us?

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
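Added example, not part of the original post: one way to find which relay_from_hosts client is behind the bounces is to correlate locally generated bounce arrivals (`<= <>` with `R=<original id>`) in the Exim main log with the host that submitted the original message. The function name and the log sample are constructed for illustration, and the default log line layout is assumed.

```python
import re
from collections import Counter

# Constructed sample of Exim main log lines (documentation addresses, not real data).
SAMPLE_LOG = """\
2010-03-01 09:15:02 1NlxQa-0003Xy-7B <= forged@victim.example H=(pc17) [192.0.2.44] P=esmtp S=2104
2010-03-01 09:15:04 1NlxQa-0003Xy-7B ** nobody@remote.example R=dnslookup T=remote_smtp: SMTP error from remote mail server after RCPT TO:<nobody@remote.example>: host mx.remote.example [198.51.100.9]: 550 Unrouteable address
2010-03-01 09:15:04 1NlxQc-0003Y1-9D <= <> R=1NlxQa-0003Xy-7B U=exim P=local S=3120
2010-03-01 09:15:06 1NlxQc-0003Y1-9D => forged@victim.example R=dnslookup T=remote_smtp H=mx.victim.example [203.0.113.5]
2010-03-01 09:20:11 1NlxVb-0003Zk-2F <= alice@ourdomain.example H=(laptop) [192.0.2.10] P=esmtp S=1500
2010-03-01 09:20:13 1NlxVb-0003Zk-2F => bob@remote.example R=dnslookup T=remote_smtp H=mx.remote.example [198.51.100.9]
""".splitlines()

# "<date> <time> <message id> <= <envelope sender> <remaining fields>"
ARRIVAL = re.compile(r"^\S+ \S+ (?P<id>\S+) <= (?P<sender>\S+)(?P<rest>.*)$")
HOST_IP = re.compile(r"\[([0-9A-Fa-f.:]+)\]")   # submitting host address
REF = re.compile(r" R=(\S+)")                   # id of the message that bounced


def bounces_by_origin(lines):
    """Return (submitting IP, claimed sender, original id) per generated bounce."""
    origin = {}   # message id -> (envelope sender, submitting IP)
    hits = []
    for line in lines:
        m = ARRIVAL.match(line)
        if not m:
            continue
        if m["sender"] == "<>":
            # Locally generated bounce: R= points back at the failed message.
            ref = REF.search(m["rest"])
            if ref and ref[1] in origin:
                sender, ip = origin[ref[1]]
                hits.append((ip, sender, ref[1]))
        else:
            ip = HOST_IP.search(m["rest"])
            origin[m["id"]] = (m["sender"], ip[1] if ip else "local")
    return hits


if __name__ == "__main__":
    hits = bounces_by_origin(SAMPLE_LOG)
    for ip, count in Counter(h[0] for h in hits).most_common():
        print(f"{ip}: {count} bounce(s) generated for mail it submitted")
```

A host that appears repeatedly with envelope senders outside your own domains is the likely origin of the backscatter.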
