preventing backscatter at the source

Mark Nienberg gmane at tippingmar.com
Fri Mar 28 18:57:09 GMT 2008


The solutions discussed in the "backscatter problem" thread are all about preventing 
delivery of backscatter to our users.  Does anyone have information on preventing my 
mail server from generating backscatter in the first place?  I'd like to avoid 
sending bounce messages to innocent victims of address spoofing.

One thought I had was checking SPF records before sending a DSN, but I'm not sure if 
milter-SPF could do this as it is not the normal sequence.

The headers below that that google sends DSNs to addresses it knows are spoofed.  Can 
I do better?

Mark


    ----- Original message -----

Received: by 10.82.127.14 with SMTP id z14mr20702976buc.3.1205350830492;
         Wed, 12 Mar 2008 12:40:30 -0700 (PDT)
Return-Path: <xxxx at tippingmar.com>
Received: from equipo-11 ([190.3.243.146])
         by mx.google.com with SMTP id 4si11810172fge.3.2008.03.12.12.40.24;
         Wed, 12 Mar 2008 12:40:30 -0700 (PDT)
Received-SPF: fail (google.com: domain of xxxx at tippingmar.com does not designate 
190.3.243.146 as permitted sender) client-ip=190.3.243.146;
Authentication-Results: mx.google.com; spf=hardfail (google.com: domain of 
xxxx at tippingmar.com does not designate 190.3.243.146 as permitted sender) 
smtp.mail=xxxx at tippingmar.com
Date: Wed, 12 Mar 2008 12:40:29 -0700 (PDT)
Content-Return: allowed



More information about the MailScanner mailing list