Re: [IMail Forum] Spamcop Blacklisting

[Dave Doherty]

Jasmine-   1) Check every domain on your server for a "nobody" alias. Delete any that you find. 2) Check all the rules, and change any whose action is "bounce" to "delete".   Here are the details:   1) Imail accepts mail for each valid address, whether that is a mailbox or an alias (or in some cases a list), and rejects any mail addressed to anyone else. Dictionary attackers send mail to random addresses at a known-good domain, hoping to deliver as much spam as possible. Your IMail server will reject all messages from these attackers with a "550" error - unknown addressee - even before the message is delivered to the server.   However, there is a special alias that almost all mail servers have. In IMail it is called "nobody" but other servers have different names for it. It is a default alias that allows the domain to accept all mail that doesn't match any of the mailboxes, aliases, or list addresses.   In the early days of the Internet, it was a great thing because it allowed for a company to set up a "dead letter" mailbox that accepted all misdirected mail. Somebody could go through it and look for messages addressed to "dafe" instead of "dave", for example. It was also used as a general mailbox, so if somebody sent a message blindly to "president@"  or "sales@" it would go to a central person who could forward such requests to the appropriate people within the organization.   Once the dictionary attacks started, the nobody alias became worthless. I get an average of more than 300,000 misdirected messages a day on my gateways and mail servers, and I have seen as many as 2.5 million on a bad day. Nobody is going to look at 300,000 messages a day and manually redirect them. So the best you can do is delete the nobody alias, which gets an error message right back to the sender that the address is wrong.   If you keep the nobody alias, whichever mailbox is the target probably will be overwhelmed. It will fill up and start sending "mailbox full" bounce messages. Your bandwidth will get eaten up, and your server will have to deal with the influx.   2) Any mail rules you have implemented on your server act on messages that have gotten to mailboxes. If you are doing some form of spam trapping by rules, then you should delete the trapped messages rather than bouncing them. The spammers use real "from" addresses that belong to inncocent third parties, and so a bounce message looks like spam to the legitimate owner of that mailbox.   -Dave Doherty  Skywaves, Inc.  508-425-7176  [EMAIL PROTECTED]       ----- Original Message ----- From: Jasmine Marin To: Imail_Forum@list.ipswitch.com Sent: Friday, November 10, 2006 9:50 AM Subject: [IMail Forum] Spamcop Blacklisting I keep getting blacklisted by Spamcop because:  “It appears this listing is caused by misdirected bounces. We have a FAQ which covers this topic: Why auto-responses are bad (Misdirected bounces). Please read this FAQ and heed the advice contained in it.”   I read up on the FAQ about this and they pretty much said that the problem is that our mail server accepts all mail, then determines whether it can deliver it, and if it can’t at that point it bounces it. They say we need to change the settings in IMail to bounce mail immediately before accepting it. Is this possible? I’m sure I’m not the only person who has run into this.   Thanks Jasmine Marin - Jade Inc. [EMAIL PROTECTED] Tel: (614) 751-7900 www.jadeinc.com