Re: undeliverable mail

Beastie MRA wrote:
On Dec 20, 2006 02:00 PM, Matthew Seaman
<m.seaman@xxxxxxxxxxxxxxxxxxxxxx> wrote:

Beastie MRA wrote:
On Dec 20, 2006 10:31 AM, Bill Vermillion <bv@xxxxxxx> wrote:

It's Wed, Dec 20, 2006 at 09:26 . I'm in a small dim room with
doors labeled "Dungeon" and "Forbidden". There is noise, the door
marked Dungeon flies open and Beastie MRA SHOUTS:

Dear All.

For past few days, my MX receive thousand of undeliverable message
destinated for my non existent user at my domain.
This message source come from valid and well configured (almost)
smtp
server on internet.
I'ts waste my internet b/w, cause my MX will reject with non
existent
user message.
I'll try spamd on my firewall and greylist on my MX (postfix), but
still
no effective, and i cannot block undeliverable
message as RFC rules

Is there any way i can fix this ?
Please help
I use the virtusertable in sendmail, and I have my valid addresses,
such as bv@xxxxxxx bv and then for after that is
a line of @wjv.com nouser.

And nouser is defined in aliases as nouser: /dev/null

On one of the mail servers I maintain I just checked and I
had 260,000+ messages routed to "*file*" in the maillog - which
shows up as mailer=*file* in the logs. That maillog rotates
every night at midnight.

Is not really a freebsd-net problem so I removed that from the
reply to line.

Bill

--
Bill Vermillion - bv @ wjv . com
Thanks for response...

but this virtusertable will not stop SMTP server in internet to keep
send you undeliverable message.
I assume someone doing nasty with forged and use my domain email to
send
his spam message to non existing user.
and i got undeliverable message.
Is there any clue ??
Oh.. i forget to mention i use 4.11-STABLE for my MX
Hmmm... SPF records are a good tool against this sort of thing.
Perhaps if you change from:

mra.co.id. "v=spf1 mx "

to

mra.co.id. "v=spf1 mx -all"

That means that SPF compliant mail servers should refuse to accept
messages (ie. a hard fail) from any machine other than the MXes for
mra.co.id See http://www.openspf.org/SPF_Record_Syntax for the full
story on SPF records.

It's not a 100% solution and it will take the spammers some time to
realise that forging your address in their e-mails is much less
effective. On the positive side, it will mean that many mailservers
reject the incoming spam during the SMTP dialog so you'll get fewer
bounce messages.

This problem exposes an architectural flaw in many e-mail server
setups. Either all of the MXes for a domain have to be able to verify
addresses on incoming e-mails and reject any non-existent destinations
during the SMTP dialog, or (like Bill does above) once a message has
been accepted by any of the mail servers for your domain, it should
never be bounced back to the (probably forged) mail address in the
headers because the recipient doesn't exist. Bouncing for other
reasons,
(like eg. mailbox over quota) does not generally add to the overall
spam
load. Normally a very simple site with just one server will get that
right,
but a more complex site with several MXes and various SMTP routers etc.
internally will frequently not.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW

Thanks...

i have problem with SPF record in dns , because i have serveral mobile
users and off site users
that use SMTP provide by internet provider. and i cant list it one by
one in spf record. :(

The usual solution to that is to set up authentication on your mail
server and require your mobile users to submit new messages via that
machine. Most mail clients are capable of dealing with several mail
accounts with different SMTP server fairly readily.

Enabling SASL in the stock system sendmail under FreeBSD is also fairly
simple and described in the handbook. Works for me -- I'm writing this at
work and sending it through my home mail server.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil. Flat 3
7 Priory Courtyard
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW, UK

Attachment: signature.asc
Description: OpenPGP digital signature

Relevant Pages

  • Re: undeliverable mail
    ... my MX receive thousand of undeliverable message ... This message source come from valid and well configured smtp ... server on internet. ... On one of the mail servers I maintain I just checked and I ...
    (freebsd-questions)
  • Re: Exchange 03 send problem
    ... To Test have someone NOT on Bellsouth ... bellsouth does not allow mail servers on their netowork ... There was a SMTP communication problem with the ... You need to authenticate to the SMTP server - find the SBS SMTP ...
    (microsoft.public.windows.server.sbs)
  • Re: Exchange 03 send problem
    ... To Test have someone NOT on Bellsouth ... bellsouth does not allow mail servers on their netowork ... There was a SMTP communication problem with the ... You need to authenticate to the SMTP server - find the SBS SMTP ...
    (microsoft.public.windows.server.sbs)
  • Re: Switching Between 2 Outgoing Mail Servers in Outlook Express
    ... I presume that you are connecting to the Internet via 2 different ISPs. ... check with the ISPs to see if either support SMTP Authentication. ... to use the one SMTP mail server all the time. ... If you do have to switch mail servers, there is no easy way to do that in OE. ...
    (microsoft.public.internet.mail)
  • Re: Had 2 smtp address Now have one
    ... Did you remove the second smtp address from the user accounts? ... Following is an article that discusses editing the metabase. ... > the client has split up the two companies and added a 2nd email server. ... > I get an undeliverable message back. ...
    (microsoft.public.exchange.setup)
Loading