The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Backscatter from bounces? Is there a way to remove the body content?

Discussion in 'General Discussion' started by jols, Sep 19, 2006.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    One of our hosted customers brings up a very good point:

    -- Spam is received to a non-existant address on the server.

    -- The reply-to/return path email address is faked but leads to someone's legitimate account.

    -- The spam bounces to the legitimate account.

    -- Our server acts as a spam-relay as a result.


    Is there a way to reconfigure Exim so that the body copy is NOT included in a 550 "The recipient cannot be verified. " bounce?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That does not happen if you use :fail: on the Default Address. It doesn't bounce the email, it denies delivery at the SMTP RCPT stage.
     
  3. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    If you use :fail: as chirpy has pointed out, your server will not send a bounce message.

    The from address may receive a bounce message, but this would be generated by the sending server.

    When someone sends an e-mail to your domain, the sending server looks up the MX record for that domain and attempts to connect to that server on port 25. When connected, the server introduces itself usually with EHLO hostname where hostname is the name of the server that is connecting to your server. Then the sending server says MAIL FROM: <fromaddress> where fromaddress it the address the mail is being sent from. Then the sending server says RCPT TO: <toaddress> where toaddress is the e-mail address on your server that the sending server is trying to reach. If this is not a valid e-mail address on your domain and your default box is set to :fail: then the transaction stops there. The receiving server does not allow any further transaction. This goes back to the sending server. Now, the sending server may elect to send a bounce message back to fromaddress which is likely a fake address in the case of a spammer and this may cause some blacklisting issues, but it would only cause the sending server to become blacklisted, since it is the one that is sending the bounced NDR message.
     

Share This Page