xiven.com stating the blatantly obvious since 2002

Backscatter

Date: Tue, 03 Oct 2006 11:11:31 +0100
From: Tom Pike
To: Fasthosts Xtreme Support Team
Subject: Spam to non-existent users being bounced by Postfix

Account number: ********
Support PIN: ****

Hi

We have a problem with the Postfix SMTP server on our dedicated server.
 Mail that is sent to non-existent users is not being instantly rejected
- instead a bounce e-mail is being sent.  This is of course highly
undesirable when the e-mail is sent from a fake e-mail address (typical
of most spam).

This problem seems to occur with the default setup with domains set up
using the Matrix Control Panel (and therefore presumably a lot of your
dedicated servers are affected by this - many of their owners may be
unaware), but nothing I change in the Postfix configuration seems to
stop this behaviour.

I believe this to be a very serious problem affecting more than just our
server, and would appreciate your investigation of this matter.

Best regards
Tom Pike
Date: Tue, 3 Oct 2006 12:04:06 +0100
From: Fasthosts Xtreme Support Team
Subject: ******#****** Your Fasthosts support enquiry (PLEASE DO NOT CHANGE
 SUBJECT)
To: Tom Pike

Dear Tom,

The behaviour that you describe is the default way that Postfix deals
with messages of this type.

I believe that it happens in this manner as there are legitimate emails
that are, for whatever reason, undeliverable (misspelt username, sent to
a person who has left the company). These should be bounced so the
sender is aware that the email has not been delivered.

As far as I can tell, for the server to make the distinction between
whether emails that are spam should be immediately rejected, Postfix
would have to have anti-spam protection built-in, which falls far
outside of the Postfix team's remit.


However, in my personal experience administering Postfix mailservers, I
have come across the configuration document at:

http://www.postfix.org/ADDRESS_VERIFICATION_README.html

...which you may find useful towards your particular configuration
needs. As the document says:

"The sender/recipient address verification feature described in this
document is suitable only for low-traffic sites. It performs poorly
under high load and may cause your site to be blacklisted by some
providers. See the "Limitations" section for details.

The technique has obvious uses to reject junk mail with an unreplyable
sender address. "


In light of my findings above, I do not believe that Postfix's current
modus operandi as set up by Fedora on our dedicated server platform is
incorrect or a detriment to the mailservers' operation.

Thank you for your comments on the dedicated server setup. If you have
any further queries about Postfix, please reply to this mail and we will
endeavour to further advise you.
Date: Tue, 03 Oct 2006 14:17:19 +0100
From: Tom Pike
To: Fasthosts Xtreme Support Team
Subject: Re: *****#***** Your Fasthosts support enquiry (PLEASE DO NOT CHANGE
 SUBJECT)

Yes, the sender should receive an error message but not in the form of
an e-mail sent back to the From: address.  At the SMTP level, what is
happening is:

~$ telnet xxxxxxxx.co.uk smtp
Trying xxx.xxx.xxx.xx...
Connected to xxxxxxxx.co.uk.
Escape character is '^]'.
220 xxxxxxxx.co.uk ESMTP Postfix
MAIL FROM: myfakeemailaddress@example.com
250 Ok
RCPT TO: nonexistentaddress@xxxxxxxx.co.uk
250 Ok

The "250 Ok" response at the end is the problem.  There is no
"catch-all" e-mail address set for xxxxxxxx.co.uk, so it should
respond immediately with a 450 or 550 error code.  Instead it is
accepting the e-mail at this point, but then sending a bounce e-mail to
the address specified in MAIL FROM.  This is very bad behaviour[1] in
today's spam-ridden e-mail environment.

http://www.postfix.org/LOCAL_RECIPIENT_README.html contains details of
how to prevent this occurring with Postfix by setting the
local_recipient_maps parameter.  Theoretically by setting this as follows:
	local_recipient_maps = hash:/etc/postfix/virtual
it should solve the problem.  Unfortunately with our Fasthosts server
this does not seem to be the case for some unknown reason.


[1] See http://www.tuffmail.com/backscatter.php
        http://spamlinks.net/prevent-secure-backscatter.htm
        http://www.spamcop.net/fom-serve/cache/329.html#bounces
    for explanation as to why this is bad.

"Accepting a message and then sending a DSN to the possibly forged
envelope sender address is just not an acceptable practice today. If the
message can not be delivered it should not be accepted."

"Configure your software to either reject messages during delivery or
accept them permanently. Do not let your software make choices about
delivery after it has accepted a message."
Date: Tue, 3 Oct 2006 17:36:58 +0100
From: Fasthosts Xtreme Support Team
To: Tom Pike
Subject: ******#****** Your Fasthosts support enquiry (PLEASE DO NOT CHANGE
 SUBJECT)

Dear Tom,

I have discussed your comments with our server engineers.

There is no RFC stating that undeliverable mail has to be handled with a
450 or 550 response.

According the the engineers, as there is no explicit RFC on this issue,
our systems respond in this way to further integrate with the rest of
the services on the machine.

Our engineers can reconfigure Postfix for you however, this will incur
our Personal Engineer Service charge of £60 +VAT per half-hour of
service for them to do this on your behalf.

Our engineers have not indicated that they consider this setting to be a
detriment to customers on our Dedicated Server platform as a whole.

Anyway, in the end I figured it out for myself. Needed to add virtual_mailbox_maps = hash:/etc/postfix/virtual to /etc/postfix/main.cf.

Posted: 2006-10-03 16:44:07 UTC by Xiven | Cross-references (0) | Comments (0)

Cross-references

None

Comments

None