2010/3/22 - <[email protected]>: > --- On Mon, 3/22/10, Jakub Wasielewski <[email protected]> wrote: >> I recently discovered some nasty backscatter technique which I don't >> know how to stop. It only occurs on backup MX server (sendmail 8.14.0) >> who checks for valid recipients using md_check_against_smtp_server(). >> >> The SMTP session looks like this: >> >> Connected to xxx.xxx.xxx.130. >> Escape character is '^]'. >> 220 my_backup_mx ESMTP >> helo example.com >> 250 my_backup_mx Hello example.com [xxx.xxx.xxx], pleased to meet you >> mail from:<[email protected]> >> 250 2.1.0 <[email protected]>... Sender ok > > Here's your problem. You haven't checked the sender against SPF. See my Wed > Feb 24 2010 00:39:23 message for details on how to do this. Forged messages > will be stopped here and no DSN generated. Only non-forged messages may > continue. If the sender hasn't protected his domain by creating an SPF > record for it, any backscatter is HIS problem, not yours.
True unless sender is a spamtrap of some dnsbl list - than you're listed and problem is yours ;) >> rcpt to:<[email protected]> >> 554 5.7.1 <[email protected]>: Recipient >> address rejected: User unknown > > Since you have rejected it, you shouldn't be generating an NDR type DSN at > all. You are definently misconfigured. I definitely think so and that is why I'm writing here to find what is wrong. I dunno if sendmail or mimedefang generates this DSN's, it is something wrong in my sendmail.cf or in mimedefang-filter. Cheers, -- Jakub Wasielewski _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
