Security Basics mailing list archives
RE: Sorbs.net DNS Blacklist
From: "Jason Williams" <jwilliams () courtesymortgage com>
Date: Tue, 14 Mar 2006 09:59:17 -0800
The "proper" way to deal with this is to reject during the smtp
conversation, that way your mailserver will not generate the bounce message and get stuck >in a blacklist.
<http://spamlinks.net/prevent-secure-backscatter.htm>
Very interesting. I did not know the ramifications that can occur from backscatter. I appreciate the link.
Backscatter is bad, I hope you can find a way to fix your problem The
link explains it better than I can
Let me explain what I did, to make sure I don't contribute to the problem. I run a mailgateway, with Postfix, MailScanner and a couple of virus scanners, plus spamassasin and other goodies. I wrote a perl script that basically queries my domain controller and pulls a list of legit employees who have email addresses. It updates the file as needed (similar to what is posted above, but my setup is a little different, so I needed to adjust it accordingly.) After that, postmap the file, reload postfix, wallla. (Cron job runs nightly) So as of 9:00am PST time, I have a relay_recipient list with only valid users to accept email for. Anything that comes in with a non-legit email address, gets rejected with a message explaining that the user is not a valid email user. Is that the correct way to do this? Any other caveats I should be aware of? Thanks -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Sorbs.net DNS Blacklist, (continued)
- RE: Sorbs.net DNS Blacklist Corey Watts-Jones (Mar 14)
- RE: Sorbs.net DNS Blacklist David Gillett (Mar 13)
- Re: Sorbs.net DNS Blacklist Dale Fay (Mar 13)
- RE: Sorbs.net DNS Blacklist Dan Tesch (Mar 13)
- Re: Sorbs.net DNS Blacklist John Mason Jr (Mar 13)
- Re: Sorbs.net DNS Blacklist Devdas Bhagat (Mar 13)
- Re: Sorbs.net DNS Blacklist jfvanmeter (Mar 10)
- RE: Sorbs.net DNS Blacklist Beilin Zhang (Mar 10)
- RE: Sorbs.net DNS Blacklist Joseph (Mar 13)
- RE: Sorbs.net DNS Blacklist Dan Denton (Mar 13)
- RE: Sorbs.net DNS Blacklist Jason Williams (Mar 14)
- Re: Sorbs.net DNS Blacklist Devdas Bhagat (Mar 15)
- Re: RE: Sorbs.net DNS Blacklist souldream (Mar 15)
- RE: Sorbs.net DNS Blacklist Brad Berson (Mar 16)
- Re: Sorbs.net DNS Blacklist Cloy Tobola (Mar 21)
- RE: Sorbs.net DNS Blacklist Jim Serino (Mar 21)
- Re: Sorbs.net DNS Blacklist Devdas Bhagat (Mar 24)