Email Backscatter check

Hi All,

We recently ended up on a blacklist at backscatterer.org

How can I check if my email server can be explioted by a backscatter?

many thank
LVL 2
detox1978Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
0
detox1978Author Commented:
thanks.

We are running Lotus Notes.  Any idea how we can stop it using Lotus notes?

Or confirm it's happening using lotus Notes?
0
Alan HardistyCo-OwnerCommented:
Sorry - not touched Notes since 1995!
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

detox1978Author Commented:
Is there a way to tell if my server is vulnerable to backscatter?  maybe via telnet?

I found this post link, but my server returns

550 Requested action not taken: mailbox unavailable
0
detox1978Author Commented:
thanks for the links.

So do I just need to disable NDR's?
0
Alan HardistyCo-OwnerCommented:
No - disabling NDR's violates RFC standards.
0
detox1978Author Commented:
So how do I stop it?
0
Alan HardistyCo-OwnerCommented:
The only way is to reject emails destined for invalid recipients.

If Notes cannot do that, then you need a 3rd party tool to do that for you.

Alan
0
detox1978Author Commented:
how do I reject the invalid mail and allow NDR?
0
Alan HardistyCo-OwnerCommented:
I can't tell you about notes and it's capabilities as I have already mentioned.

The key is to get either Lotus Notes or a 3rd party spam filter to validate the Recipient's email addresses on inbound emails and reject anything that is being sent to an address that doesn't exist.  If you accept it and then Notes can't find a valid mailbox for the email, it will force Notes to return an NDR message to the supposed sender of the email and that is where you problem stems from.

Spammers will spoof the sender address and when you return an NDR back to a spoofed sender address that has been harvested and that address is one that has never been advertised, but left hidden for spammers to find, then you will get blacklisted on backscatterer.org.

If you reject the message because it isn't destined for a valid email address, then the sender is responsible for sending the NDR, not your system and that will resolve the issue.

Not sure if this page helps you:

http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin85.doc%2FH_RESTRICTING_WHO_CAN_RECEIVE_MAIL_FROM_THE_INTERNET_STEPS.html

Seems like you need to enable the following filter:

"Verify that local domain recipients exist in the Domino Directory"

Alan
0
detox1978Author Commented:
Ok, I've configured the server to reject the mail if the sender is unknown.

How do I test to see if it can be exploited for backscatter?

This isn't a Lotus Notes or Exchange question, as the spammer wont have access to the server just SMTP.
0
Alan HardistyCo-OwnerCommented:
You can test from a command prompt using telnet:

telnet mail.yourdomain.com 25

helo whatever.domain.com

mail from: you@yourtestaddress.com
(response should be similar to 250 2.1.0 you@yourtestaddress.com… Sender ok

rcpt to: madeupaddress@yournotesdomain.com
(Response should be similar to 550 5.1.1 madeupaddress@yournotesdomain.com… User unknown)

If you don't see the User Unknown, then you are still wide open for Backscatter.

Alan
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
detox1978Author Commented:
Excellent thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Lotus IBM

From novice to tech pro — start learning today.