SORBS a PITA on spam backscatter ...

Alex Neuman alex at nkpanama.com
Thu Jun 14 00:41:04 IST 2007


You can also mitigate the problem using milter-null in some cases, 
although it wouldn't help with your particular case right now, I think...

Jason Ede wrote:
> There are ways, using LDAP lookups, of checking for valid addresses on the MS box... If you search for MailScanner Exchange and LDAP on google it brings up a few howtos.
>
> I've had some success of checking for NDR bounces and then if the destination address is not one of ours then just flag the email as SPAM...
>
> Mind you its probably simpler to use the LDAP lookup to block illegal addresses at the MTA level and just leave it at that.
>
> Jason
>
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Garry Glendown
> Sent: 13 June 2007 19:28
> To: MailScanner discussion
> Subject: OT: SORBS a PITA on spam backscatter ...
>
> Sorry, this is most likely somewhat off topic, but maybe I could get
> some suggestions ...
>
> One of our customers was hit by a presumably larger amount of spam
> mails, addressed to mail addresses collected somehow, but with errors in
> the addresses (first part of the mail address duplicated, like
> "johnjohn at do.main" instead of "john at do.main"). They are operating a
> multi-level mail service, with MS on our side, delivering to an SMTP
> proxy, then over through a virus scanner, and finally to the actual mail
> server (M$ Exchange). Mails are accepted, even by the Exchange server,
> which in turn generates a non-delivery receipt for wrong addresses.
>
> For outgoing mail, our central mail server is the smarthost. Which in
> turn got listed on SORBS for delivering spam backscatter ... great. As
> far as I see it, delivering the mails, which in themselves are generated
> in compliance with RFCs, is fully legitimate.
>
> What should we do? We get complaints due to the fact that certain mails
> sent from other customers are being blocked on recipient mailservers due
> to our server being SORBS-listed ...
>
> I personally do not see any way of identifying whether such a receipt
> (if I'm able to even decide that it is a non-delivery receipt) is for
> legitimate mails that couldn't be delivered, or for spam.
>
> Any suggestions?
>
> tnx, -garry
>
> --
> Orwell war ein Optimist
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>   


More information about the MailScanner mailing list