Re: help with backscatter

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thank you for the links, this looks to be very helpful.

To those who have kindly told me to go to the Sendmail groups, I suspect Cyrus plays a part in our problem. I'm now fairly certain that our access db is misconfigured, with the reason stemming from using "To:domain.tld RELAY" as a workaround for Sendmail not delivering to Cyrus many moons ago. I don't think we should need to do this, but I distinctly recall it NOT working if we didn't have it in there. I suppose the 'duct tape' is coming unglued now. I'm currently working on putting together a development machine to try out 2.3.7 and removal of the aforementioned lines in access db.

Any pointers on whether my hunch about the access file is correct or not are welcome.

Matthew Seaman wrote:
Chris Harms wrote:

We are having some trouble with our servers sending out backscatter
spam.  I realize this is really a Sendmail issue, but if any list
readers have some insights on the best way to make Sendmail stop sending
bounces to outside domains, it would be greatly appreciated.

The general approach is that you need to decide if a message is spam or
not *during* the SMTP dialog.  In that case, you can return a 5xx error
code to the sending server directly.  If you decide the message is
spam after you've accepted it your only alternatives are to return a bounce-o-gram is to the sender address which as you've found is almost
invariably forged, or to drop the message in the bit-bucket, which is
counter to the letter of the SMTP standards and does nothing to indicate
to the spammers that they should give up and go and do something more
worthwhile.

Sendmail's milter interface allows you to filter messages through AV and
anti-spam filters -- FEATURE(`delay_checks') in your sendmail.mc file is
often useful in that case.  See http://www.sendmail.org/m4/anti_spam.html

Some milters I use:

spamass-milter:  http://savannah.nongnu.org/projects/spamass-milt/
milter-greylist: http://hcpnet.free.fr/milter-greylist/
clamav-milter:   http://www.clamav.net/

FEATURE(greet_pause) in sendmail.mc is also good at weeding out botnet
style mailers.

There's an excellent write up (of a pretty severe spam-filtering setup)
which does a good job of exploring all the various issues at:

http://www.acme.com/mail_filtering/

	Cheers,

	Matthew


----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux