Solved

How to stop postfix sending auto replys (generating backscatter)

Posted on 2008-10-13
4
1,812 Views
Last Modified: 2013-11-30
We use postfix, on out internet mail gateway, and have been used to send backscatter spam die to the fact that we have had most of our reject codes set to 550, e.g. unknown_address_reject_code = 550

What code should I use to just drop the message with no warning/auto reply?

In the mean time I have set the server to 450, but this will (eventually) cause a bounce from the originating server.

I read somewhere that i could use REJECT, but can't find any mention of that in the postfix documentation.

Any pointers would be hugely appreciated.
Thanks for reading.
0
Comment
Question by:Wibble_
  • 2
  • 2
4 Comments
 
LVL 19

Expert Comment

by:bevhost
ID: 22701272
REJECT will send a 550 or (some other 5XX) code anyway.
The only way to prevent a bounce is to accept the message and then trash it.

Using 4XX (eg 450) messages is advisable if the error condition could resolve itself over time (eg dns lookup error), but if you know it's a permanent fatal error then a 5xx error is the way to go otherwise the sending server will just keep trying to resend until it times out.

0
 

Author Comment

by:Wibble_
ID: 22701834
OK, so I should be using something like a 571 (Delivery not authorized, message refused) and then dropping the auto reply into /dev/null?

If that is the case, how do I get postfix to re-route the automatic responses?

0
 
LVL 19

Accepted Solution

by:
bevhost earned 500 total points
ID: 22705977
As soon as you issue an error the sending MTA will generate an Non Delivery Report.
Since it is the sending MTA that generates the NDR, not the receiving MTA (yours), you cannot block it.

If you don't want a bounce you must accept the entire message and then trash it.

Some servers will receive the entire message and then create new message (which is an NDR) but this is a bad way of doing things, because the backscatter is sent to the (possible forged) proported sender.

At least a 450 or 550 keeps the message from leaving the sending MTA. (ie the one with the spamming client)

ie. The backscatter is not coming from you.

0
 

Author Comment

by:Wibble_
ID: 22776018
Although not ideal, i suppose 450's are the way to go :-/
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
Resolve DNS query failed errors for Exchange
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question