Charles Gregory wrote:
On Thu, 25 Jun 2009, Arvid Picciani wrote:
I started blocking some backscattering hosts and would like to inform
them how to fix the issue.
I still welcome suggestions for handling the few remaining cases where
my procmail chokes on a mailbox limit. Probably more of a PM question
than an SA question, but seeing how the cause for concern is
backscatter from 'full mailbox' DSN's I'm figuring the answer is here,
if anywhere....
- C
I didn't exactly understand which of the two possible questions you
asked (yeah, not native speaker :/ ) so i'll try both:
1) your MTA bounces, becouse your users mailboxes are full.
Defer (temporary reject) the message at smtp time, so the sending MTA
retrys a few times and ultimatly gives up informing the REAL sender.
(you could also reject permanently, if you want that)
If you absolutely can't fix the MTA, at least check the SPF before
bouncing. If the SPF doesn't match the sender, don't send a bounce.
Same for dkim. Also don't bounce spam.
Note that backscatter can actually get you blacklisted if you bounce to
traps.
2) You're receiving backscatter and you get "mailbox full" DSNs
I find it impossible to parse DSNs. There is no standard and its
supposed to be human readable.
For now i block mail from postmaster/bounce-*/MAILERDAMEON/... from
listed (known misconfigured) hosts. I had to firewall two very
aggressive hosts though ("normal" hosts!)
This blogs legitime DSNs so it might not be the solution for everyone.
Backscatter.org is far from complete, so i'm working on a trap. Thanks
to one of our domain beeing joe jobbed (and not receiving legitime DSN,
since we dont use it anymore) i can get around 100 hosts per day listed.
Unfortunatly i lack the infrastructure to make it usefull for the
public, and backscatter.org has no report form.
