Perfect Server : misdirected bounce (complained by SpamCop)

Discussion in 'HOWTO-Related Questions' started by sufehmi, May 7, 2009.

  1. sufehmi

    sufehmi New Member

    Hi, I've set up some servers using the Perfect Server guide for Hardy : http://www.howtoforge.com/perfect-server-ubuntu8.04-lts-p5



    Today I got a warning from the datacenter, telling me that one of my servers has been used for spamming. It threatened to disconnect my server if nothing is done about it.
    And also there's a prospect that my server will be blacklisted by SpamCop, causing problems for everyone hosted on that machine.


    Personally I was very surprised, and curious : how ?



    Turned out the spammers are using misdirected bounces : http://www.spamcop.net/fom-serve/cache/329.html#bounces



    OK, I thought this should be pretty easy to solve; years ago I was messing with OpenBSD 3.x as a mailserver, and I think it's just changing a single setting in Amavis. But I couldn't remember which. Anyway, the "perfect server" howto doesn't use Amavis, so it had to be done in Postfix.

    Let's recap: I want to disable ALL bounces.

    With this in mind, I googled around. Unfortunately, everything I found was much more complex than I expected, and even then I doubt that it'd solve my problem WITHOUT the potential of causing more trouble.

    I thought it'd be as simple as a single line setting in main.cf, such as "smtpd_recipient_restrictions = reject_unknown_recipient". But, there's no such setting.

    The article at http://www.postfix.org/BACKSCATTER_README.html is useless too. Because it said "configure Postfix to reject all mail for non-existent recipients", but then the instructions are for local_maps; while the "perfect server" howto uses virtual_maps.

    At the moment I've read numerous articles and am still stuck.
    Anyone got a hint on how to do this ? (disable all bounces)


    Thanks,
    Harry

    attached: warning from SpamCop :

    Code:
    From: "Admin SS427" <[email protected]>
    To: [email protected]
    Date: Tue, 05 May 2009 16:07:46 -0700
    Subject: [SpamCop (72.55.164.228) id:4111230831]Undelivered Mail Returned to Sender
    [ SpamCop V4.5.0.102 ]
    This message is brief for your comfort.  Please use links below for details.
    
    Unsolicited bounce from: 72.55.164.228
    http://www.spamcop.net/w3m?i=z4111230831z3b503a5f9de11453e213b556de3d0967z
    72.55.164.228 appears to be sending unsolicited bounces, please see:
    http://www.spamcop.net/fom-serve/cache/329.html
    
    
    This is an email abuse report for an email message received from IP source  on Tue, 05 May 2009 16:07:46 -0700
    For more information about this format please see http://www.mipassoc.org/arf/
    To change ARF message format to SpamCop format change settings on your preferences page: http://www.spamcop.net/mcgi?action=showispprefs
    
    
    
    ---------- Forwarded message ----------
    From: [email protected] (Mail Delivery System)
    To: [email protected]
    Date: Tue, 5 May 2009 19:07:44 -0400 (EDT)
    Subject: Undelivered Mail Returned to Sender
    This is the mail system at host server03.abangadek.com.
    
    I'm sorry to have to inform you that your message could not
    be delivered to one or more recipients. It's attached below.
    
    For further assistance, please send mail to postmaster.
    
    If you do so, please include this problem report. You can
    delete your own text from the attached returned message.
    
                      The mail system
    
    <[email protected]>: mail for cepat.abangadek.com loops back to myself
    
    Final-Recipient: rfc822; [email protected]
    Original-Recipient: rfc822;[email protected]
    Action: failed
    Status: 5.4.6
    Diagnostic-Code: X-Postfix; mail for cepat.abangadek.com loops back to myself
    
    
    ---------- Forwarded message ----------
    From: "Alden Perez" <[email protected]>
    To: <[email protected]>
    Date: Tue, 5 May 2009 20:07:07 -0300
    Subject: Doping for your porksword!
     
  2. falko

    falko Super Moderator Howtoforge Staff

  3. sufehmi

    sufehmi New Member

    Thanks Falco.

    I've added soft_bounce = yes to postfix's /etc/postfix/main.cf

    It'll cause postfix not to send any bounces. Which is what I need.

    However, instead of dropping the email, postfix will defer it. So the problematic emails will stay in queues.
    Clearly I won't be able to use this setting for an extended period. However, it helps to avoid being blacklisted by SpamCop for the time being :)

    So I'll keep looking. If anyone knows a more permanent solution, please do share it with us as well.


    Thanks
    Harry
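
An added example, not part of the original thread and not Postfix's own tooling: a small log check that lists which recipient domains the server accepts over SMTP and only afterwards bounces, which is the pattern behind the SpamCop report in the first post. The log lines are constructed in the usual Postfix syslog format; queue IDs, local parts and the 203.0.113.x / 198.51.100.x hosts are placeholders, and `backscatter_candidates` is a hypothetical helper name.

```python
import re
from collections import Counter

# Constructed sample (not from the poster's server). Message 1 arrives over SMTP
# and is bounced after acceptance, message 2 is refused during the SMTP dialogue,
# message 3 is a locally submitted mail that bounces back to a local sender.
SAMPLE_LOG = """\
May  5 19:07:43 server03 postfix/smtpd[2101]: 3F2A11C0A5: client=unknown[203.0.113.5]
May  5 19:07:43 server03 postfix/qmgr[998]: 3F2A11C0A5: from=<forged@example.net>, size=2210, nrcpt=1 (queue active)
May  5 19:07:44 server03 postfix/smtp[2105]: 3F2A11C0A5: to=<nobody@cepat.abangadek.com>, relay=none, delay=0.6, dsn=5.4.6, status=bounced (mail for cepat.abangadek.com loops back to myself)
May  5 19:07:44 server03 postfix/bounce[2106]: 3F2A11C0A5: sender non-delivery notification: 7B1C21C0A6
May  5 19:07:45 server03 postfix/smtp[2107]: 7B1C21C0A6: to=<forged@example.net>, relay=mx.example.net[198.51.100.7]:25, delay=0.9, dsn=2.0.0, status=sent (250 ok)
May  5 19:09:10 server03 postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.9]: 550 5.1.1 <ghost@example.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<forged@example.net> to=<ghost@example.com> proto=ESMTP helo=<x>
May  5 19:10:02 server03 postfix/pickup[2090]: A1B2C31C0C4: uid=33 from=<www-data>
May  5 19:10:03 server03 postfix/smtp[2111]: A1B2C31C0C4: to=<typo@example.org>, relay=mx.example.org[198.51.100.9]:25, delay=0.3, dsn=5.1.1, status=bounced (host mx.example.org[198.51.100.9] said: 550 5.1.1 no such user (in reply to RCPT TO command))
May  5 19:10:03 server03 postfix/bounce[2112]: A1B2C31C0C4: sender non-delivery notification: B4D5E61C0D7
"""

LINE = re.compile(r"postfix/(?P<svc>\w+)\[\d+\]: (?P<qid>[0-9A-Za-z]+): (?P<rest>.*)")
BOUNCED = re.compile(r"to=<[^>]*@(?P<dom>[^>]+)>.*status=bounced \((?P<why>.*)\)$")

def backscatter_candidates(log_text):
    """Count (recipient domain, reason) for mail accepted via smtpd, then bounced."""
    from_network = set()  # queue IDs that were accepted from a remote SMTP client
    notified = set()      # queue IDs for which a bounce message was generated
    bounced = []          # (queue ID, recipient domain, reason) per failed recipient
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        svc, qid, rest = m.group("svc", "qid", "rest")
        if svc == "smtpd" and rest.startswith("client="):
            from_network.add(qid)
        elif svc == "bounce" and "sender non-delivery notification" in rest:
            notified.add(qid)
        else:
            b = BOUNCED.search(rest)
            if b:
                bounced.append((qid, b.group("dom").lower(), b.group("why")))
    # Only mail from the network whose failure produced a notification can be
    # backscatter; SMTP-time rejects (NOQUEUE) never reach this point.
    return Counter((dom, why) for qid, dom, why in bounced
                   if qid in from_network and qid in notified)

if __name__ == "__main__":
    for (dom, why), n in backscatter_candidates(SAMPLE_LOG).most_common():
        print(f"{n:5d}  {dom}  {why}")
```

On an Ubuntu install the same function can be fed the contents of /var/log/mail.log; every domain it lists is one whose mail is being accepted first and refused later.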
     
  4. sufehmi

    sufehmi New Member

    argh, I meant Falko :)


    Thanks, HS
     
  5. lieblm

    lieblm New Member

    Dear Harry,
    I am facing a similar problem on my system. Thanks for the tip to switch on the soft_bounce, it temporarily works for me as well. If you find a more permanent solution, please post it here. I will do likewise.
    Regards
    Martin
     
