watermarking and spam mail loops?

Matt Kettler mkettler at evi-inc.com
Thu Aug 30 20:23:06 IST 2007

Jeff A. Earickson wrote:
> Gang,
> I'm trying to understand watermarking from the list archives
> (I took a month off the list), and I don't get it.  It looks
> like it might be useful for killing spam-caused mail loops
> between my front-end sendmail/MailScanner mail-relay and my
> backend local-delivery box.  The scene is:
> 1) spammer with bogus return sends to a nonexistent Colby
>    email address.
> 2) if MailScanner doesn't kill it as spam, it gets relayed
>    onto the backend system, who doesn't know the recipient.
> 3)  the backend system is configured to send all non-local
>    email to the front-end box, who sees that it is supposed
>    to go to nonexistent Colby address, sent to the back-end,
>    return to step 2 until 26 hops have been hit.  Then drop
>    in postmaster's lap.
> The summary of mail headers is below.  I notice that the 
> X-Colby-MailScanner-Watermark is different on every iteration.
> Can watermarking be used to kill this mail loop early on?

Probably not.. the watermark should apply to your own bounce messages.

A substantially better solution would be to configure your sendmail to use 
something like milter-ahead, or a ldap based check to make sure the recipient is 
valid before you accept the email in the first place.

As a bonus, you won't be blacklisted for backscatter-spamming people when the 
return address used by a spammer is valid, but is forged.

More information about the MailScanner mailing list