backscatter problem on newly deployed server

Discussion in 'HOWTO-Related Questions' started by cortexx, Aug 21, 2012.

  1. cortexx

    cortexx New Member

    Using the The Perfect Server - CentOS 6.3 x86_64 (nginx, Dovecot, ISPConfig 3) guide we have deployed a webserver but are having horrible backscatter problems and need to know how to fix it.

    From what i understand we need to set a directive that drops all incoming requests for mail accounts that dont exist on the server.

    please advise ?

    thanks ;)
     
  2. till

    till Super Moderator

    Please describe your mail setup in detail. Backsactter can only occur when you redirect email with a wildcard transport between 2 servers where the first server accepts all emails instead o accepting only the allowed emails, so thats nothin that can happen in a normal setup which uses normalmailboxes and local domains. So the source of the problem is the first server that redirects the emails and not the second one that receives them, you have to configure the redirecting server (which is the initial receiving point) to only accept mails for mailboxes that exist on the second server. If the first server is a ispconfig system, then you do this under Mail > Relay recipients by adding only the email addresses ther that exist on the second server. Dont add any domains there as this would be a wildcard which can produce backscatter.
     
  3. cortexx

    cortexx New Member

    Hi Till thanks for the quick response .

    The centOS ispconfig 3 server is running as a standalone server at the moment . No other servers are available on our network .

    here is a typical mail log - shows we are blacklisted because of the backscatter , but shows you the rest of the log too.

    Aug 21 18:19:56 neptune postfix/smtp[18873]: 630812E5BE2: to=, relay=cdptpa-smtpin02.mail.rr.com[75.180.132.244]:25, delay=64323, delays=64302/0.01/21/0, dsn=4.7.1, status=deferred (host cdptpa-smtpin02.mail.rr.com[75.180.132.244] refused to talk to me: 554 5.7.1 - ERROR: Mail refused - <XXX.XXX.XXX.XXX> - See http://postmaster.rr.com/amIBlockedByRR?ip=XXX.XXX.XXX.XXX)

    XXX is our ip x'd out :)


    Also , the time on the server is wrong .

    if i use "date" in the console i get

    Tue Aug 21 17:05:06 CEST 2012

    if i send an email to myself it sayes it was recieved by the server at 8/21/2012 11:06 AM .

    how can i remedy that ?

    thanks
     
    Last edited: Aug 21, 2012
  4. cortexx

    cortexx New Member

    meanwhile on the ispconfig3 server interface itself i get this

    Mail Queue (Server : neptune.ibcbrantford.com)

    Data from: 2012-08-21 19:45
    Mail queue is empty


    real time here is 5:12 pm lol
     
  5. till

    till Super Moderator

    Ok, so the server is located in your internal network? Do you forward any emails from a external server to this ispconfig server in the way that email for a domain which is configured on your internal server is received first on a external server (which can be your server or the server of your provider and does not have to be located in your internal network) and then gets forwarded by smtp to the internal system?

    Regardin the time issue: You most likely missed to set the correct time zone on the linux system or in ispconfig in the files /usr/local/ispconfig/server/lib/config.inc.php or /usr/local/ispconfig/interface/lib/config.inc.php
     

Share This Page