Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to stop postfix sending auto replys (generating backscatter)

Posted on 2008-10-13
4
Medium Priority
?
1,839 Views
Last Modified: 2013-11-30
We use postfix, on out internet mail gateway, and have been used to send backscatter spam die to the fact that we have had most of our reject codes set to 550, e.g. unknown_address_reject_code = 550

What code should I use to just drop the message with no warning/auto reply?

In the mean time I have set the server to 450, but this will (eventually) cause a bounce from the originating server.

I read somewhere that i could use REJECT, but can't find any mention of that in the postfix documentation.

Any pointers would be hugely appreciated.
Thanks for reading.
0
Comment
Question by:Wibble_
  • 2
  • 2
4 Comments
 
LVL 19

Expert Comment

by:bevhost
ID: 22701272
REJECT will send a 550 or (some other 5XX) code anyway.
The only way to prevent a bounce is to accept the message and then trash it.

Using 4XX (eg 450) messages is advisable if the error condition could resolve itself over time (eg dns lookup error), but if you know it's a permanent fatal error then a 5xx error is the way to go otherwise the sending server will just keep trying to resend until it times out.

0
 

Author Comment

by:Wibble_
ID: 22701834
OK, so I should be using something like a 571 (Delivery not authorized, message refused) and then dropping the auto reply into /dev/null?

If that is the case, how do I get postfix to re-route the automatic responses?

0
 
LVL 19

Accepted Solution

by:
bevhost earned 2000 total points
ID: 22705977
As soon as you issue an error the sending MTA will generate an Non Delivery Report.
Since it is the sending MTA that generates the NDR, not the receiving MTA (yours), you cannot block it.

If you don't want a bounce you must accept the entire message and then trash it.

Some servers will receive the entire message and then create new message (which is an NDR) but this is a bad way of doing things, because the backscatter is sent to the (possible forged) proported sender.

At least a 450 or 550 keeps the message from leaving the sending MTA. (ie the one with the spamming client)

ie. The backscatter is not coming from you.

0
 

Author Comment

by:Wibble_
ID: 22776018
Although not ideal, i suppose 450's are the way to go :-/
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you’re making plans to join the modern business race, you should analyze various details that may affect your results. Nowadays, millions of businesses are trying to grow into established and appreciated professional enterprises.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question