On 7/9/2010 16:13, Administrator Beckspaced.com wrote:
On 7/9/2010 14:40, Ram wrote:
On Fri, 2010-07-09 at 13:35 +0200, Administrator Beckspaced.com wrote:
On 7/9/2010 13:27, Robert Schetterer wrote:
Am 09.07.2010 12:51, schrieb Administrator Beckspaced.com:
hello robert,
thanks a lot for your quick reply ...
actually it is not always the same IP or host sending the error
bounces ...
the bounces are sent from hundred of different IP addresses ...
any more idea?
Usually you can do very little to prevent forging your domain and
sending spam.
Some months ago one client of ours too had the same issue, but the issue
is very temporary.
The short term solution , as someone suggested, will be to temporarily
defer all NDR's with a sender check regex file like
/<>/ 450 Try Later
( The RFC's say you cant do this .. but sometimes you must be
practical :-) )
> From my personal experience I found that if , for your regular mailing
you use some sender authentication mechanism like SPF then these NDR's
significantly reduce. For eg many servers reject forged messages based
on SPF checks so you dont get NDR's from them at least.
I guess , spammers ( the more intelligent ones ... I mean ) too would
be less inclined to forge a domain that uses sender authentication
Because that will reduce the deliverability of their spams
Thanks
Ram
hello again robert & ram
thanks again for your ideas ...
so i had another search in google about that backscatter topic and
sort of found a nice, simple & also quick solution?
SAFE MODE with Postfix:
Edit /etc/postfix/main.cf:
smtpd_recipient_restrictions =
...
check_sender_access dbm:/etc/postfix/check_backscatterer
...
Create new file:/etc/postfix/check_backscatterer:
<> reject_rbl_client ips.backscatterer.org
postmaster reject_rbl_client ips.backscatterer.org
well ... had to change the postfix dbm lookup to hash and do a postmap
on the file ...
but now this seems to work as it already rejected a few emails
according to the mail log ...
more info can be found here ->
http://www.backscatterer.org
does anyone have any experience with that list?
is this a good longterm solution?
best regards
becki
hello again ram, robert & postfix users ;-)
already posted yesterday about the backscatterer.org ...
but was a bit too skeptical to do the check on ALL NDR's for ALL email
accounts on my mail server ...
so i had a look around to do the check ONLY for that specific email account.
it's actually quite easy with smtpd_restriction_classes
i thought i will write a short 'todo' as it might help some other mail
server administrators out there ... who knows?
so first thing is to setup a restriction class in main.cf ->
smtpd_restriction_classes = reject_ndr_class
reject_ndr_class = check_sender_access hash:/etc/postfix/backscatter_check
now create the backscatter_check file in /etc/postfix/
touch /etc/postfix/backscatter_check
and fill in this data
<> reject_rbl_client ips.backscatterer.org
postmaster reject_rbl_client ips.backscatterer.org
MAILER-DAEMON reject_rbl_client ips.backscatterer.org
do a postmap /etc/postfix/backscatter_check on that file to generate the
.db file
next create a file called backscatter_recipient with touch
/etc/postfix/backscatter_recipient
fill in
u...@domain.com reject_ndr_class
do a postmap /etc/postfix/backscatter_recipient
which will generate the backscatter_recipient.db file
then in main.cf under the smtpd_recipient_restrictions add the following
line ->
check_recipient_access hash:/etc/postfix/backscatter_recipient
and then a postfix reload ... restart and all should be fine as only the
email address listed in backscatter_recipient will be checked!
also only if the sender address is empty <> postmaster or MAILER-DAEMON
exactly how i wanted it ...
well ... i'm aware that this is just a short and quick fix ... but so
far it filtered out about 95% of those annoying error bounces ...
and only for that email address as defined in backscatter_check ... all
other mailbox won't get this check ...
hopefully this might help someone looking for a quick fix for the error
bounce emails ...
but ... i will shortly look into BATV as it sounds like a better
solution ;-)
http://babel.de/art20080306a.html
so ... thanks again for all your help & tips
have a nice day & lots of fun
greetings
becki
