Results 1 to 5 of 5

Thread: Best Practice to prevent your mailserver being responsible for backscatter

  1. #1
    Senior Member
    Join Date
    Mar 2005
    Posts
    4,825
    Thanks
    161
    Thanked
    358 times in 288 posts
    • badass's system
      • Motherboard:
      • ASUS P8Z77-m pro
      • CPU:
      • Core i5 3570K
      • Memory:
      • 32GB
      • Storage:
      • 1TB Samsung 850 EVO, 2TB WD Green
      • Graphics card(s):
      • Radeon RX 580
      • PSU:
      • Corsair HX520W
      • Case:
      • Silverstone SG02-F
      • Operating System:
      • Windows 10 X64
      • Monitor(s):
      • Del U2311, LG226WTQ
      • Internet:
      • 80/20 FTTC

    Best Practice to prevent your mailserver being responsible for backscatter

    What's the current industry best practice to prevent backscatter for emails that have been accepted by your mailserver?
    My mailserver rejects the vast majority of spam before the message is sent by the sender thereby hugely reducing the backscatter I could generate. I do this using a combination of SPF, DNSRBL's, reverse lookups, only accepting mail for valid recipients and blacklisting certain domains. We also have Directory harvest attack protection.
    But what about those Virus infected emails that get through the first line of defence and only get picked up by the mail relay's antivirus software?
    There is no point quarantining it and emailing the user a warning - it will waste both the users and most likely the IT dept's time. The only option left is to bounce the message with an NDR/DSN.
    We cannot both refuse to send a message to a users and mailbox and not send an NDR/DSN. That would make our mail system both non RFC compliant and create a potential email black hole.
    "In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."

  2. #2
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    385 times in 314 posts

    Re: Best Practice to prevent your mailserver being responsible for backscatter

    will check and see what our forefront settings are. I've a feeling we would quarentine and send a warning , but I've not had any get through from postini in 3 years , so I wouldn't know
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  3. #3
    Jay
    Jay is offline
    Gentlemen.. we're history Jay's Avatar
    Join Date
    Aug 2006
    Location
    Jita
    Posts
    8,365
    Thanks
    304
    Thanked
    568 times in 409 posts

    Re: Best Practice to prevent your mailserver being responsible for backscatter

    sadly we quarantine it and send a warning, there is no other way really.
    □ΞVΞ□

  4. Received thanks from:

    badass (14-01-2010)

  5. #4
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    385 times in 314 posts

    Re: Best Practice to prevent your mailserver being responsible for backscatter

    we quarantine but don't send a notification if forefront detects anything.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  6. Received thanks from:

    badass (14-01-2010)

  7. #5
    Senior Member
    Join Date
    Mar 2005
    Posts
    4,825
    Thanks
    161
    Thanked
    358 times in 288 posts
    • badass's system
      • Motherboard:
      • ASUS P8Z77-m pro
      • CPU:
      • Core i5 3570K
      • Memory:
      • 32GB
      • Storage:
      • 1TB Samsung 850 EVO, 2TB WD Green
      • Graphics card(s):
      • Radeon RX 580
      • PSU:
      • Corsair HX520W
      • Case:
      • Silverstone SG02-F
      • Operating System:
      • Windows 10 X64
      • Monitor(s):
      • Del U2311, LG226WTQ
      • Internet:
      • 80/20 FTTC

    Re: Best Practice to prevent your mailserver being responsible for backscatter

    Thanks all. Will maintain status quo. Only a handful of mails that get through the connection filtering have viruses anyway.
    "In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •