From: Vasya Pupkin on 22 Jul 2010 10:11 Hello. First, I have spent two days reading articles and searching web for solution but failed there. I am using postfix as an mx for my domains, it accpets mail for different addresses withing my domains which is then forwarded to other external domains, i.e. google.com and other mail services. Mail for unknown users is rejected, many other check are performed, but still sometimes my system acts as a backscatterer when something like this happens: 1. Incoming mail passes all tests, it's coming to one of the addresses within my domain, i.e. existing-user(a)mydomain.tld 2. Postfix then forwards mail to external domain, i.e. myemail(a)mailservice.tld 3. For some reason mailservice.tld rejects this mail, i.e. it doesn't like it's content or size. 4. Postfix then bounces mail to sender, which can be forged, and thus, becoming a backscatterer. Is there any way to prevent postfix from sending bounces anywhere?
From: Wietse Venema on 22 Jul 2010 10:27 Vasya Pupkin: > Hello. > > First, I have spent two days reading articles and searching web for > solution but failed there. I am using postfix as an mx for my domains, > it accpets mail for different addresses withing my domains which is > then forwarded to other external domains, i.e. google.com and other > mail services. Mail for unknown users is rejected, many other check > are performed, but still sometimes my system acts as a backscatterer > when something like this happens: > > 1. Incoming mail passes all tests, it's coming to one of the addresses > within my domain, i.e. existing-user(a)mydomain.tld > 2. Postfix then forwards mail to external domain, i.e. myemail(a)mailservice.tld > 3. For some reason mailservice.tld rejects this mail, i.e. it doesn't > like it's content or size. > 4. Postfix then bounces mail to sender, which can be forged, and thus, > becoming a backscatterer. > > Is there any way to prevent postfix from sending bounces anywhere? The best conutermeasure is not to forward spam. The second-best solution requires the ability to predict if a specific message will be rejected down-stream. Let me know when you solve that, so I can add it to Postfix. Wietse
From: Mikael Bak on 22 Jul 2010 10:28 Vasya Pupkin wrote: > Hello. > > First, I have spent two days reading articles and searching web for > solution but failed there. I am using postfix as an mx for my domains, > it accpets mail for different addresses withing my domains which is > then forwarded to other external domains, i.e. google.com and other > mail services. Mail for unknown users is rejected, many other check > are performed, but still sometimes my system acts as a backscatterer > when something like this happens: > > 1. Incoming mail passes all tests, it's coming to one of the addresses > within my domain, i.e. existing-user(a)mydomain.tld > 2. Postfix then forwards mail to external domain, i.e. myemail(a)mailservice.tld > 3. For some reason mailservice.tld rejects this mail, i.e. it doesn't > like it's content or size. > 4. Postfix then bounces mail to sender, which can be forged, and thus, > becoming a backscatterer. > > Is there any way to prevent postfix from sending bounces anywhere? Hi Vasya, To be sure to not acting as a backscatter you will have to configure the front mx to be as restrictive regarding content and mail sizes as the final destination is. Otherwise you will see problems like the theese. HTH, Mikael
|
Pages: 1 Prev: Debugging Routing Next: postfix as forwarder and backscatterer problem |