Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 7th May 2009, 04:25
sufehmi sufehmi is offline
HowtoForge Supporter
 
Join Date: May 2009
Posts: 4
Thanks: 2
Thanked 0 Times in 0 Posts
Smile Perfect Server : misdirected bounce (complained by SpamCop)

Hi, I've setup some servers using the Perfect Server guide for Hardy : http://www.howtoforge.com/perfect-se...ntu8.04-lts-p5



Today I got a warning from the datacenter, telling that one of my server has been used for spamming. It threatened to disconnect my server is nothing is done about it.
And also there's a prospect that my server will be blacklisted by SpamCop, causing problem for everyone hosted in that machine.


Personally I was very surprised, and curious : how ?



Turned out the spammers are using misdirected bounces : http://www.spamcop.net/fom-serve/cache/329.html#bounces



OK, I thought this should be pretty easy to solve; years ago I was messing with OpenBSD 3.x as mailserver; and I think it's just changing a single setting in Amavis. But I couldn't remember which. Anyway, the "perfect server" howto doesn't use Amavis, so it had to be done in Postfix.

Let's recap: I want to disable ALL bounces.

With this in mind, I googled around. Unfortunately, everything I found was much more complex than I expected, and even then I doubt that it'd solve my problem WITHOUT the potential of causing more troubles.

I thought it'd be as simple as a single line setting in main.cf, such as "smtpd_recipient_restrictions = reject_unknown_recipient". But, there's no such setting.

The article at http://www.postfix.org/BACKSCATTER_README.html is useless too. Because it said "configure Postfix to reject all mail for non-existent recipients", but then the instructions are for local_maps; while the "perfect server" howto uses virtual_maps.

At the moment I've read numerous articles and still stuck.
Anyone got a hint on how to do this ? (disable all bounces)


Thanks,
Harry

attached: warning from SpamCop :

Code:
From: "Admin SS427" <4111230831@reports.spamcop.net>
To: abuse@iweb.com
Date: Tue, 05 May 2009 16:07:46 -0700
Subject: [SpamCop (72.55.164.228) id:4111230831]Undelivered Mail Returned to Sender
[ SpamCop V4.5.0.102 ]
This message is brief for your comfort.  Please use links below for details.

Unsolicited bounce from: 72.55.164.228
http://www.spamcop.net/w3m?i=z4111230831z3b503a5f9de11453e213b556de3d0967z
72.55.164.228 appears to be sending unsolicited bounces, please see:
http://www.spamcop.net/fom-serve/cache/329.html


This is an email abuse report for an email message received from IP source  on Tue, 05 May 2009 16:07:46 -0700
For more information about this format please see http://www.mipassoc.org/arf/
To change ARF message format to SpamCop format change settings on your preferences page: http://www.spamcop.net/mcgi?action=showispprefs



---------- Forwarded message ----------
From: MAILER-DAEMON@server03.abangadek.com (Mail Delivery System)
To: nonchalanceh74@ssmx.com
Date: Tue, 5 May 2009 19:07:44 -0400 (EDT)
Subject: Undelivered Mail Returned to Sender
This is the mail system at host server03.abangadek.com.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                  The mail system

<net@cepat.abangadek.com>: mail for cepat.abangadek.com loops back to myself

Final-Recipient: rfc822; net@cepat.abangadek.com
Original-Recipient: rfc822;net@cepat.abangadek.com
Action: failed
Status: 5.4.6
Diagnostic-Code: X-Postfix; mail for cepat.abangadek.com loops back to myself


---------- Forwarded message ----------
From: "Alden Perez" <nonchalanceh74@ssmx.com>
To: <net@cepat.abangadek.com>
Date: Tue, 5 May 2009 20:07:07 -0300
Subject: Doping for your porksword!
Reply With Quote
Sponsored Links
  #2  
Old 7th May 2009, 18:04
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

This might help:
http://archives.neohapsis.com/archiv...2-04/1404.html
http://209.85.129.132/search?q=cache...ient=firefox-a
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
sufehmi (8th May 2009)
  #3  
Old 8th May 2009, 04:39
sufehmi sufehmi is offline
HowtoForge Supporter
 
Join Date: May 2009
Posts: 4
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Thanks Falco.

I've added soft_bounce = yes to postfix's /etc/postfix/main.cf

It'll cause postfix not to send any bounces. Which is what I need.

However, instead of dropping the email; postfix will defer it. So the problematic emails will stay in queues.
Clearly I won't be able to use this setting for extended period. However, it helps to avoid being blacklisted by SpamCop for the time being

So I'll keep looking. If anyone knows a more permanent solution, please do share it with us as well.


Thanks
Harry
Reply With Quote
  #4  
Old 8th May 2009, 05:03
sufehmi sufehmi is offline
HowtoForge Supporter
 
Join Date: May 2009
Posts: 4
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by sufehmi View Post
Thanks Falco.
argh, I meant Falko


Thanks, HS
Reply With Quote
  #5  
Old 11th June 2009, 13:05
lieblm lieblm is offline
Junior Member
 
Join Date: Jun 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Dear Harry,
I am facing similar problem on my system. Thanks for the tip to switch on the soft_bounce, it temporarily works for me as well. If you find more permanent solution, please post it here. I will do likewise.
Regards
Martin
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
User unknown in relay recipient table Taxick Installation/Configuration 12 9th April 2013 12:31
Cannot Log In after perfect desktop/perfect server setup jkrell HOWTO-Related Questions 3 22nd December 2008 06:43
Howtoforge the perfect Server(links) rini90 Installation/Configuration 0 14th December 2008 10:58
subdomain and mail relay configuration aranthorn Installation/Configuration 24 3rd September 2007 22:53
The Perfect Setup Suse 9.3 - Postfix problems new_bee05 HOWTO-Related Questions 20 25th November 2005 02:30


All times are GMT +2. The time now is 14:15.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.