Is this a Rogue/Spammer's MTA

[anup123]

A Bounce Message to sender's address (Remote MTA) gets this eror:

[email protected] R=lookuphost T=remote_smtp: SMTP
error from remote mailer after MAIL FROM:<>: host m133.mail.163.com
[202.108.44.133]: 553 You are not authorized to send mail as <>


Is this permissible as per RFC standards??
Can this host be mnaully blocked safely (ie from legal point of view) as it seems it wouldn't take any bounce message...

Anup

 

[chirpy]

An SMTP transaction requires a valid MAIL FROM: directive - that's not one. If it's not sending one, it's most likely either just connecting to see if your server exists, or it's broken. Not sure that I'd block it for that reason unless I was getting many of those at a regular rate from one IP address.

 

[anup123]

Thanks.
Could it be that the remote mta is configured that way that it simply doesn't accept the bounces? Other remote MTA's are not really presenting this (though there a re a few) message to bounce messages. This is primarily to mails addressed to non existent users (through a catchall account which i cannot avoid) on our server and are mails which have escaped all the SPAM checks in place ...

dnsreport.com reveals erros for the said domain /mailserver
Being a Chinese origin IP it's more likely a Spammer than a genuine thing

Anup

 

[chirpy]

Being a Chinese origin IP it's more likely a Spammer than a genuine thing

True. Since most spammers (or virus) MTA's aren't bothered about compliance, I guess it is likely to be one. Up to you

 

[anup123]

Perhaps i'll block it up in case there is a repeat from the ip's again.
Would yr pop plugin works with some other webmail software?


Anup

 

[chirpy]

Would yr pop plugin works with some other webmail software?

Sadly, no. It's tailored to our specific application