Page 1 of 1
http://www.backscatterer.org
Posted: 04 Jul 2019 15:00
by nicola.piazzi
My mailserver ip is blacklisted by this site,
They ask me money for immediate delisting and there is no way to contact them
I have efa configured to accept our domain only and it check in ldap for recipent at smtp level
when is not present it give reject immediately and have no bounces
I watch log at time they specified and there is no messages outgoing
what do you think about this site ?
- Cattura.PNG (43.29 KiB) Viewed 8645 times
Re: http://www.backscatterer.org
Posted: 04 Jul 2019 17:47
by henk
Hi Nicola,
Check again
https://mxtoolbox.com/SuperTool.aspx?ac ... n=toolpage
or
https://www.dnsbl.info/dnsbl-database-check.php
Are you sure Efa is the only system that can send outbound -NDR-mail?
To be sure add some firewall smtp / smtp ports rules on mail traffic and activate logging on these rules.
Re: http://www.backscatterer.org
Posted: 05 Jul 2019 07:11
by nicola.piazzi
Hi henk
only efa can send mail using that ip address, it have its dedicate ip with nat 1 to 1
Re: http://www.backscatterer.org
Posted: 06 Jul 2019 14:36
by shawniverson
Be sure to check that the ip range that eFa is not sending out bad smtp traffic as well, and make sure Notify Senders is off in MailScanner or set to only notify on your local domains with a ruleset.
Re: http://www.backscatterer.org SOLVED
Posted: 09 Jul 2019 14:40
by nicola.piazzi
Hi Shawn & henk
I found problem
efa query ldap and reject at conversation level so is impossible that it accept for other domains
impossible ? yes but ldap query returns also AD contacts recipients !!!
So if you have some contacts defined in ad that have other domains ldap query consider it valid
and it they bounces is a backscatter
so is not a good thing
I think that is needed a directive in ldap_relay_recipient_maps.cf to filter contacts
or can be done adding domain to this filter
query_filter = (|(proxyAddresses=smtp:%s) (proxyAddresses=SMTP:%s))
PRECISATION
Posted: 10 Jul 2019 07:58
by nicola.piazzi
Hi
When i create an AD CONTACT there is a creation rule that create also an address with principal domain
4 example suppose that i need to crete a contact named John Red that belong to motoroil.com
I create a contact that have
SMTP:
john.red@motoroil.com
But Exchange rule add also
smtp:
john.red@mycompany.it
When someone send a message to
john.red@mycompany.it Postfix accept it because mycompany.it is principal domain then Exchange try to send this email to principal
john.red@motoroil.com
motoroil.com reject this mail as spam and then Exchange generate an NDR directed to the sender that is a spoofed sender and backscatterer mark me
Problem is that Exchange create by default a duplicate of each contact that have same name but master domain