My mailserver ip is blacklisted by this site,
They ask me money for immediate delisting and there is no way to contact them
I have efa configured to accept our domain only and it check in ldap for recipent at smtp level
when is not present it give reject immediately and have no bounces
I watch log at time they specified and there is no messages outgoing
what do you think about this site ?
http://www.backscatterer.org
Re: http://www.backscatterer.org
Hi Nicola,
Check again https://mxtoolbox.com/SuperTool.aspx?ac ... n=toolpage
or https://www.dnsbl.info/dnsbl-database-check.php
Are you sure Efa is the only system that can send outbound -NDR-mail?
To be sure add some firewall smtp / smtp ports rules on mail traffic and activate logging on these rules.
Check again https://mxtoolbox.com/SuperTool.aspx?ac ... n=toolpage
or https://www.dnsbl.info/dnsbl-database-check.php
Are you sure Efa is the only system that can send outbound -NDR-mail?
To be sure add some firewall smtp / smtp ports rules on mail traffic and activate logging on these rules.
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
-
- Posts: 389
- Joined: 23 Apr 2015 09:45
Re: http://www.backscatterer.org
Hi henk
only efa can send mail using that ip address, it have its dedicate ip with nat 1 to 1
only efa can send mail using that ip address, it have its dedicate ip with nat 1 to 1
- shawniverson
- Posts: 3650
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: http://www.backscatterer.org
Be sure to check that the ip range that eFa is not sending out bad smtp traffic as well, and make sure Notify Senders is off in MailScanner or set to only notify on your local domains with a ruleset.
-
- Posts: 389
- Joined: 23 Apr 2015 09:45
Re: http://www.backscatterer.org SOLVED
Hi Shawn & henk
I found problem
efa query ldap and reject at conversation level so is impossible that it accept for other domains
impossible ? yes but ldap query returns also AD contacts recipients !!!
So if you have some contacts defined in ad that have other domains ldap query consider it valid
and it they bounces is a backscatter
so is not a good thing
I think that is needed a directive in ldap_relay_recipient_maps.cf to filter contacts
or can be done adding domain to this filter
query_filter = (|(proxyAddresses=smtp:%s) (proxyAddresses=SMTP:%s))
I found problem
efa query ldap and reject at conversation level so is impossible that it accept for other domains
impossible ? yes but ldap query returns also AD contacts recipients !!!
So if you have some contacts defined in ad that have other domains ldap query consider it valid
and it they bounces is a backscatter
so is not a good thing
I think that is needed a directive in ldap_relay_recipient_maps.cf to filter contacts
or can be done adding domain to this filter
query_filter = (|(proxyAddresses=smtp:%s) (proxyAddresses=SMTP:%s))
-
- Posts: 389
- Joined: 23 Apr 2015 09:45
PRECISATION
Hi
When i create an AD CONTACT there is a creation rule that create also an address with principal domain
4 example suppose that i need to crete a contact named John Red that belong to motoroil.com
I create a contact that have
SMTP:john.red@motoroil.com
But Exchange rule add also
smtp:john.red@mycompany.it
When someone send a message to john.red@mycompany.it Postfix accept it because mycompany.it is principal domain then Exchange try to send this email to principal john.red@motoroil.com
motoroil.com reject this mail as spam and then Exchange generate an NDR directed to the sender that is a spoofed sender and backscatterer mark me
Problem is that Exchange create by default a duplicate of each contact that have same name but master domain
When i create an AD CONTACT there is a creation rule that create also an address with principal domain
4 example suppose that i need to crete a contact named John Red that belong to motoroil.com
I create a contact that have
SMTP:john.red@motoroil.com
But Exchange rule add also
smtp:john.red@mycompany.it
When someone send a message to john.red@mycompany.it Postfix accept it because mycompany.it is principal domain then Exchange try to send this email to principal john.red@motoroil.com
motoroil.com reject this mail as spam and then Exchange generate an NDR directed to the sender that is a spoofed sender and backscatterer mark me
Problem is that Exchange create by default a duplicate of each contact that have same name but master domain