Qmail Advice Needed

[arctic_ged]

Hi All,

I did a spam black list check on my server IP address using this link (http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist:87.106.64.19) and found that my sever IP address has been listed on the Backscatter.org.

From what I understand It appears that Qmail accepts emails without checking if the address is valid then sends out a bounce back message to the fake email address that spam was sent from. And that's what got my server listed on the Backscatter.org.

I really want to fix this but after spending an entire day searching on the net I am completely lost.

My server is running Plesk v9.2.3 (FedoraCore 4) and would like to know if someone can point me in the right direction of what I need to do.

 

[MxToolBoxS]

Thanks for using our Blacklist tool!

You are on the right track, we don't know how to configure recipient checks during the SMTP conversation in Qmail + Plesk. If the spoofed domains have SPF records then enabling an SPF check would help somewhat. Any type of perimeter security appliance or service would be able to do this for you as well.

If you figure out how to do this I am sure others would appreciate it if you could post the instructions here.

 

[IgorG]

This generally means that either you have your server misconfigured, you are leaking spam, or your server is generating 'backscatter' which can get you listed as well. To check the first item, you should review 'Best Practices' documents to see if you are configured correctly. Our MagicSpam partner has a good resource for that. (http://www.linuxmagic.com/best_practices/) If you think your server is causing 'backscatter', this may be when you have your SpamAssassin or email server configured to 'bounce' spam, but they get bounced to forged addresses. You might want to consider MagicSpam for Plesk, which blocks that traffic, rather than bouncing it.

New FAQ's

Q. Can MagicSpam for Plesk work with the SpamAssassin Module?

A. Yes, MagicSpam acts during the SMTP phase, and your SpamAssassin works after. MagicSpam and SA will work happily together, and SpamAssassin server loads will drop significantly.

Q. My SpamAssassin load is going through the roof! Help!

A. Have you considered MagicSpam for Plesk? One of the simplest and easiest add-ons for Plesk, it not only stops the majority of attacks before it hits SpamAssassin, but rejects the bulk of trojan and bot generated emails without adding to server load.

Q. Can I use RBL's or Blacklists with Plesk?

A. Yes, you can. But you might find it simpler and easier to use the MagicSpam Module for Plesk. This allows for simpler management, whitelisting, blacklisting and full logging of all SMPT traffic, both HAM and SPAM, and it comes with automatic subscriptions to many of your favourite RBL's

Q. I tried to deliver a bounce message to this address, but the bounce bounced!

A. This can happen when a spammer forges a from signature. It is called 'backscatter', and can get you on blacklists, even though you didn't send the email. Spammers try to 'bounce' emails off of your server. You need to 'reject' emails instead of bouncing them whenever possible. There is a Spam Module from one of our partners which is especially good at stopping the majority of this problem. Visit our store, or http://www.magicspam.com for more information.