http://www.backscatterer.org

General eFa discussion
Post Reply
nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

http://www.backscatterer.org

Post by nicola.piazzi »

My mailserver ip is blacklisted by this site,
They ask me money for immediate delisting and there is no way to contact them

I have efa configured to accept our domain only and it check in ldap for recipent at smtp level
when is not present it give reject immediately and have no bounces

I watch log at time they specified and there is no messages outgoing

what do you think about this site ?

Cattura.PNG
Cattura.PNG (43.29 KiB) Viewed 8591 times
henk
Posts: 517
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: http://www.backscatterer.org

Post by henk »

Hi Nicola,

Check again ;) https://mxtoolbox.com/SuperTool.aspx?ac ... n=toolpage
or https://www.dnsbl.info/dnsbl-database-check.php

Are you sure Efa is the only system that can send outbound -NDR-mail?
To be sure add some firewall smtp / smtp ports rules on mail traffic and activate logging on these rules.
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

Re: http://www.backscatterer.org

Post by nicola.piazzi »

Hi henk
only efa can send mail using that ip address, it have its dedicate ip with nat 1 to 1
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: http://www.backscatterer.org

Post by shawniverson »

Be sure to check that the ip range that eFa is not sending out bad smtp traffic as well, and make sure Notify Senders is off in MailScanner or set to only notify on your local domains with a ruleset.
nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

Re: http://www.backscatterer.org SOLVED

Post by nicola.piazzi »

Hi Shawn & henk
I found problem

efa query ldap and reject at conversation level so is impossible that it accept for other domains

impossible ? yes but ldap query returns also AD contacts recipients !!!

So if you have some contacts defined in ad that have other domains ldap query consider it valid
and it they bounces is a backscatter

so is not a good thing
I think that is needed a directive in ldap_relay_recipient_maps.cf to filter contacts

or can be done adding domain to this filter

query_filter = (|(proxyAddresses=smtp:%s) (proxyAddresses=SMTP:%s))
nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

PRECISATION

Post by nicola.piazzi »

Hi
When i create an AD CONTACT there is a creation rule that create also an address with principal domain

4 example suppose that i need to crete a contact named John Red that belong to motoroil.com

I create a contact that have
SMTP:john.red@motoroil.com
But Exchange rule add also
smtp:john.red@mycompany.it

When someone send a message to john.red@mycompany.it Postfix accept it because mycompany.it is principal domain then Exchange try to send this email to principal john.red@motoroil.com

motoroil.com reject this mail as spam and then Exchange generate an NDR directed to the sender that is a spoofed sender and backscatterer mark me

Problem is that Exchange create by default a duplicate of each contact that have same name but master domain
Post Reply