Solved

How to stop postfix sending auto replys (generating backscatter)

Posted on 2008-10-13
4
1,808 Views
Last Modified: 2013-11-30
We use postfix, on out internet mail gateway, and have been used to send backscatter spam die to the fact that we have had most of our reject codes set to 550, e.g. unknown_address_reject_code = 550

What code should I use to just drop the message with no warning/auto reply?

In the mean time I have set the server to 450, but this will (eventually) cause a bounce from the originating server.

I read somewhere that i could use REJECT, but can't find any mention of that in the postfix documentation.

Any pointers would be hugely appreciated.
Thanks for reading.
0
Comment
Question by:Wibble_
  • 2
  • 2
4 Comments
 
LVL 19

Expert Comment

by:bevhost
ID: 22701272
REJECT will send a 550 or (some other 5XX) code anyway.
The only way to prevent a bounce is to accept the message and then trash it.

Using 4XX (eg 450) messages is advisable if the error condition could resolve itself over time (eg dns lookup error), but if you know it's a permanent fatal error then a 5xx error is the way to go otherwise the sending server will just keep trying to resend until it times out.

0
 

Author Comment

by:Wibble_
ID: 22701834
OK, so I should be using something like a 571 (Delivery not authorized, message refused) and then dropping the auto reply into /dev/null?

If that is the case, how do I get postfix to re-route the automatic responses?

0
 
LVL 19

Accepted Solution

by:
bevhost earned 500 total points
ID: 22705977
As soon as you issue an error the sending MTA will generate an Non Delivery Report.
Since it is the sending MTA that generates the NDR, not the receiving MTA (yours), you cannot block it.

If you don't want a bounce you must accept the entire message and then trash it.

Some servers will receive the entire message and then create new message (which is an NDR) but this is a bad way of doing things, because the backscatter is sent to the (possible forged) proported sender.

At least a 450 or 550 keeps the message from leaving the sending MTA. (ie the one with the spamming client)

ie. The backscatter is not coming from you.

0
 

Author Comment

by:Wibble_
ID: 22776018
Although not ideal, i suppose 450's are the way to go :-/
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

There was an incident about the POP3 issue for the double read receipts and delivery receipts in Exchange 2013.  There was huge research been done and found solution for the duplicate mails. Especially when the user gets  duplicate mails.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now