Re: Rejecting to sending IP rather than falsified domain name
- From: "J.R0wan" <sendmailnewsgroup@xxxxxxxxxxxx>
- Date: Mon, 20 Oct 2008 12:24:59 -0400
Tilman Schmidt wrote:
J.R0wan schrieb:Many of my customers are receiving thousands of bounced e-mails they never sent. The spammer has chosen their e-mail address as the From and Reply-To. The rejections show the actual source IP address the spam was sent from but since the From and/or Reply-To have a valid domain name the remote server bounces it to the domain rather than the sending IP address. I have the virtusertable set up to reject non-existent e-mail addresses but since this these are valid they end up in the users' e-mail boxes. Is there a milter out there I can incorporate in the servers I support to bounce to the source IP rather than the domain name?
Firstly, you can do nothing of the sort because the bouncing has already
happened on the machine you call "the remote server". By the time the
bounces arrive on your server they are only so many E-mails which happen
to have, as their content, misdirected notifications about non-delivery
of spam messages. So the point where the problem arises and should be
solved is outside your area of control. You might try to complain to
the remote server's administrator but in my experience that won't
achieve very much. You might also, as a last resort, block the worst
offenders by IP address, provided you don't expect any legitimate mails
from them.
Secondly, generally speaking, you can bounce neither to an IP address
nor to a domain name, but only to an E-mail address. Specifically, the
IP address you find in the rejection message will typically be the
address of a DSL dialin port which was, at the time the spam was sent,
assigned to a trojanized home PC but has long since been reassigned to
another innocent customer of the same provider, isn't even accepting
connections on port 25 anyway, and even if it did you would be left
guessing which mail addresses it might accept.
HTH
T.
Tilman, thanks for the quick response. Poor wording in my original post. I realize that I have no control over the rejections coming in from servers processing mail (received from compromised systems that in themselves won't accept connections on port 25). My virtusertable is set up with the catchall @domainname.com error:nouser 550 Invalid recipient\. Check name and resend\. If you are bouncing as undeliverable\, check actual source IP\, it did not originate from here.
after checking for valid users.
I am looking for a way to configure my servers so if they receive e-mail from an IP address with falsified From or Reply-To I bounce to the sending server rather than rejecting to the From or Reply-To.
TIA
J.
.
- Follow-Ups:
- Re: Rejecting to sending IP rather than falsified domain name
- From: Tilman Schmidt
- Re: Rejecting to sending IP rather than falsified domain name
- References:
- Rejecting to sending IP rather than falsified domain name
- From: J.R0wan
- Re: Rejecting to sending IP rather than falsified domain name
- From: Tilman Schmidt
- Rejecting to sending IP rather than falsified domain name
- Prev by Date: Re: Rejecting to sending IP rather than falsified domain name
- Next by Date: How to add a rule for MAIL_FROM
- Previous by thread: Re: Rejecting to sending IP rather than falsified domain name
- Next by thread: Re: Rejecting to sending IP rather than falsified domain name
- Index(es):
Relevant Pages
|
