server on backscatterer listed

5 posts / 0 new
Last post
#1 Mon, 12/07/2009 - 04:54
opaque

server on backscatterer listed

Hi

I have a problem with my postfix server. I can´t send to some email adresses. So i take a look if the IP is blacklisted and it is listed on http://www.backscatterer.org

I have a lot of log entries like this:

8515:Dec 6 23:28:29 server1.domain.tld postfix/qmgr[2851]: 1B8F8CF0015: from=<>, size=3804, nrcpt=1 (queue active) 8563:Dec 6 23:43:35 server1.domain.tld postfix/qmgr[2851]: 5D0695C3832E: from=<>, size=3042, nrcpt=1 (queue active) 8573:Dec 6 23:45:09 server1.domain.tld postfix/qmgr[2851]: 657EF5C38327: from=<>, size=3800, nrcpt=1 (queue active) 8574:Dec 6 23:45:09 server1.domain.tld postfix/qmgr[2851]: A9400CF0011: from=<>, size=3761, nrcpt=1 (queue active)

and what I´v read maybe this is the problem. Can anybody tell what I can do to avoid this in the future.

Server CentOS 5.2 Webmin with Virtualmin 3.75 installed with the install.sh script.

thx in advance!

Mon, 12/07/2009 - 07:43
andreychek

Are you using any catchall email aliases?

That's one way that can generate some backscatter and possibly land you on the blacklists.

-Eric

Thu, 08/22/2019 - 02:30
iti

I have the same problem. I had to deactivate clamAV because of performance problems. Since then server is periodically being listed there. Where do I check this alies catchall? system is Debian 8.

Mon, 10/21/2019 - 10:46
briand

could it also be to do with out of office responses set up by user on server ?

as an aside, I have modified my "Restrictions on recipient addresses" and "smtp client restrictions" by adding additional options, and it seems to help quite a bit by keeping a lot of spam at bay, but not sure if is 100%

"Restrictions on recipient addresses" permit_mynetworks permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_destination reject_non_fqdn_sender reject_non_fqdn_recipient reject_rbl_client sbl.spamhaus.org reject_rbl_client sbl-xbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client reject_unknown_reverse_client_hostname reject_unverified_recipient reject_unverified_recipient permit_inet_interfaces

Mon, 10/21/2019 - 12:04
Dibs

Read the following link (it's answer) and you will see the order in which restrictions are checked and why you (usually) need more than just the recipient ones.

https://serverfault.com/questions/833499/effects-of-restrictions-in-post...

This also might be useful - https://wiki.centos.org/HowTos/postfix_restrictions

EDIT: I was for the last few months, coming off backscatterer and then going back on straight away. After tightening up the restrictions in Postfix, I can off on 4 days ago and haven't gone back on. Hopefully staying that way.

Topic locked