The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

preventing backscatter with exim

Discussion in 'General Discussion' started by marshal, May 2, 2006.

  1. marshal

    marshal Registered

    Joined:
    Apr 27, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I am trying to change the configuration of exim so that it neither generates backscatter or is subject to spam floods.

    Currently, the configuration options are to either accept all mail to a domain using a catch-all box, subjecting you to a flood of spam in that box if there's a dictionary attack, and a lot of spam on a normal day anyway, or to accept all messages and then bounce messages to non-existent recipients, usually going to a forged sender. I do not consider "accept and discard" to be an option, as it hides when someone sends a message to a valid recipient with a typo.

    What I want is for exim to reject all messages to non-existent users, at the time the mail envelope is sent. I do not want to use a catch-all address. Is there a way to get exim to do this? Or alternatively, is there a way to replace exim with postfix?

    Also on the subject of backscatter, is there a way to globally disable Boxtrapper?
     
  2. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    North Carolina
    You want to set the default address for all accounts to :fail: which will accomplish exactly what you are after. Mail to unkown users is rejected at the time of the SMTP connect. Search the board and you'll find tons of posts on this issue.

    Chirpy (who is a moderator on the board and an amazing source of information) has a terrific write up on "Why you should use :fail:" which can be read at http://www.configserver.com/free/fail.html
    You'll also find lots of other great info on his site as well as routines you can implement to stop dictionary attacks (amongst other things).
     
  3. jackie46

    jackie46 BANNED

    Joined:
    Jul 25, 2005
    Messages:
    537
    Likes Received:
    0
    Trophy Points:
    0
    Backscatter? Now thats a new one! :D
     
  4. marshal

    marshal Registered

    Joined:
    Apr 27, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I've found the problem with my tests. I was connecting to the server with a client using SMTP auth, which appears to bypass the recipient validation, which is annoying. Non-authenticated mail coming in does successfully fail and is rejected rather than bounced.
     
Loading...
Similar Threads - preventing backscatter exim
  1. dynaweb
    Replies:
    2
    Views:
    390

Share This Page