detox1978
asked on
Email Backscatter check
Hi All,
We recently ended up on a blacklist at backscatterer.org
How can I check if my email server can be explioted by a backscatter?
many thank
We recently ended up on a blacklist at backscatterer.org
How can I check if my email server can be explioted by a backscatter?
many thank
ASKER
thanks.
We are running Lotus Notes. Any idea how we can stop it using Lotus notes?
Or confirm it's happening using lotus Notes?
We are running Lotus Notes. Any idea how we can stop it using Lotus notes?
Or confirm it's happening using lotus Notes?
Sorry - not touched Notes since 1995!
ASKER
Is there a way to tell if my server is vulnerable to backscatter? maybe via telnet?
I found this post link, but my server returns
I found this post link, but my server returns
550 Requested action not taken: mailbox unavailable
Hi there,,
All what I can do is to recommend refering to these URLs
http://en.wikipedia.org/wiki/Backscatter_(email)
http://ipswitchmsg.force.com/kb/articles/FAQ/Getting-listed-for-Backscatter-by-Backscatterer-org-1307739588314
http://vamsoft.com/support/docs/articles/how-to-stop-backscatter
Best Regards
All what I can do is to recommend refering to these URLs
http://en.wikipedia.org/wiki/Backscatter_(email)
http://ipswitchmsg.force.com/kb/articles/FAQ/Getting-listed-for-Backscatter-by-Backscatterer-org-1307739588314
http://vamsoft.com/support/docs/articles/how-to-stop-backscatter
Best Regards
ASKER
thanks for the links.
So do I just need to disable NDR's?
So do I just need to disable NDR's?
No - disabling NDR's violates RFC standards.
ASKER
So how do I stop it?
The only way is to reject emails destined for invalid recipients.
If Notes cannot do that, then you need a 3rd party tool to do that for you.
Alan
If Notes cannot do that, then you need a 3rd party tool to do that for you.
Alan
ASKER
how do I reject the invalid mail and allow NDR?
I can't tell you about notes and it's capabilities as I have already mentioned.
The key is to get either Lotus Notes or a 3rd party spam filter to validate the Recipient's email addresses on inbound emails and reject anything that is being sent to an address that doesn't exist. If you accept it and then Notes can't find a valid mailbox for the email, it will force Notes to return an NDR message to the supposed sender of the email and that is where you problem stems from.
Spammers will spoof the sender address and when you return an NDR back to a spoofed sender address that has been harvested and that address is one that has never been advertised, but left hidden for spammers to find, then you will get blacklisted on backscatterer.org.
If you reject the message because it isn't destined for a valid email address, then the sender is responsible for sending the NDR, not your system and that will resolve the issue.
Not sure if this page helps you:
http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin85.doc%2FH_RESTRICTING_WHO_CAN_RECEIVE_MAIL_FROM_THE_INTERNET_STEPS.html
Seems like you need to enable the following filter:
"Verify that local domain recipients exist in the Domino Directory"
Alan
The key is to get either Lotus Notes or a 3rd party spam filter to validate the Recipient's email addresses on inbound emails and reject anything that is being sent to an address that doesn't exist. If you accept it and then Notes can't find a valid mailbox for the email, it will force Notes to return an NDR message to the supposed sender of the email and that is where you problem stems from.
Spammers will spoof the sender address and when you return an NDR back to a spoofed sender address that has been harvested and that address is one that has never been advertised, but left hidden for spammers to find, then you will get blacklisted on backscatterer.org.
If you reject the message because it isn't destined for a valid email address, then the sender is responsible for sending the NDR, not your system and that will resolve the issue.
Not sure if this page helps you:
http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin85.doc%2FH_RESTRICTING_WHO_CAN_RECEIVE_MAIL_FROM_THE_INTERNET_STEPS.html
Seems like you need to enable the following filter:
"Verify that local domain recipients exist in the Domino Directory"
Alan
ASKER
Ok, I've configured the server to reject the mail if the sender is unknown.
How do I test to see if it can be exploited for backscatter?
This isn't a Lotus Notes or Exchange question, as the spammer wont have access to the server just SMTP.
How do I test to see if it can be exploited for backscatter?
This isn't a Lotus Notes or Exchange question, as the spammer wont have access to the server just SMTP.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Excellent thanks
https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_4257-Exchange-2007-2010-Backscatter-and-how-to-resolve-it.html
Alan