--- On Mon, 3/22/10, Jakub Wasielewski <[email protected]> wrote: > I recently discovered some nasty backscatter technique which I don't > know how to stop. It only occurs on backup MX server (sendmail 8.14.0) > who checks for valid recipients using md_check_against_smtp_server(). > > The SMTP session looks like this: > > Connected to xxx.xxx.xxx.130. > Escape character is '^]'. > 220 my_backup_mx ESMTP > helo example.com > 250 my_backup_mx Hello example.com [xxx.xxx.xxx], pleased to meet you > mail from:<[email protected]> > 250 2.1.0 <[email protected]>... Sender ok
Here's your problem. You haven't checked the sender against SPF. See my Wed Feb 24 2010 00:39:23 message for details on how to do this. Forged messages will be stopped here and no DSN generated. Only non-forged messages may continue. If the sender hasn't protected his domain by creating an SPF record for it, any backscatter is HIS problem, not yours. > rcpt to:<[email protected]> > 554 5.7.1 <[email protected]>: Recipient > address rejected: User unknown Since you have rejected it, you shouldn't be generating an NDR type DSN at all. You are definently misconfigured. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
