watermarking and spam mail loops?
mkettler at evi-inc.com
Thu Aug 30 20:23:06 IST 2007
Jeff A. Earickson wrote:
> I'm trying to understand watermarking from the list archives
> (I took a month off the list), and I don't get it. It looks
> like it might be useful for killing spam-caused mail loops
> between my front-end sendmail/MailScanner mail-relay and my
> backend local-delivery box. The scene is:
> 1) spammer with bogus return sends to a nonexistent Colby
> email address.
> 2) if MailScanner doesn't kill it as spam, it gets relayed
> onto the backend system, who doesn't know the recipient.
> 3) the backend system is configured to send all non-local
> email to the front-end box, who sees that it is supposed
> to go to nonexistent Colby address, sent to the back-end,
> return to step 2 until 26 hops have been hit. Then drop
> in postmaster's lap.
> The summary of mail headers is below. I notice that the
> X-Colby-MailScanner-Watermark is different on every iteration.
> Can watermarking be used to kill this mail loop early on?
Probably not.. the watermark should apply to your own bounce messages.
A substantially better solution would be to configure your sendmail to use
something like milter-ahead, or a ldap based check to make sure the recipient is
valid before you accept the email in the first place.
As a bonus, you won't be blacklisted for backscatter-spamming people when the
return address used by a spammer is valid, but is forged.
More information about the MailScanner