Is this a Rogue/Spammer's MTA

anup123

Well-Known Member
Mar 29, 2004
889
1
168
This Planet
A Bounce Message to sender's address (Remote MTA) gets this eror:

[email protected] R=lookuphost T=remote_smtp: SMTP
error from remote mailer after MAIL FROM:<>: host m133.mail.163.com
[202.108.44.133]: 553 You are not authorized to send mail as <>


Is this permissible as per RFC standards??
Can this host be mnaully blocked safely (ie from legal point of view) as it seems it wouldn't take any bounce message...

Anup
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
An SMTP transaction requires a valid MAIL FROM: directive - that's not one. If it's not sending one, it's most likely either just connecting to see if your server exists, or it's broken. Not sure that I'd block it for that reason unless I was getting many of those at a regular rate from one IP address.
 

anup123

Well-Known Member
Mar 29, 2004
889
1
168
This Planet
Thanks.
Could it be that the remote mta is configured that way that it simply doesn't accept the bounces? Other remote MTA's are not really presenting this (though there a re a few) message to bounce messages. This is primarily to mails addressed to non existent users (through a catchall account which i cannot avoid) on our server and are mails which have escaped all the SPAM checks in place ...

dnsreport.com reveals erros for the said domain /mailserver
Being a Chinese origin IP it's more likely a Spammer than a genuine thing

Anup
 
Last edited:

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
Being a Chinese origin IP it's more likely a Spammer than a genuine thing
True. Since most spammers (or virus) MTA's aren't bothered about compliance, I guess it is likely to be one. Up to you ;)
 

anup123

Well-Known Member
Mar 29, 2004
889
1
168
This Planet
Perhaps i'll block it up in case there is a repeat from the ip's again.
Would yr pop plugin works with some other webmail software?
:)

Anup