LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Error report spam problem-backscatter

Paul Russell <[log in to unmask]>

Sun, 2 Nov 2008 09:29:21 -0500

text/plain (59 lines)

On 11/1/2008 3:19 PM, Larry wrote:
> Backscatter is the new spam. Spammers are intentionally sending spam that
 > will be returned in the bounce message. We have configured our MTA to not
 > bounce messages to invalid addresses on our server (in violation of RFC 822)
 > to cut down on this spam source. But listserv is now a major source of
 > backscatter spam.
 >
 > The backscatter problem has become overwhelming, and has gotten our site
 > blacklisted by AT&T and MSN. Spam messages from non-subscribed addresses
 > are sent to the list, and listserv dutifully sends a "you are not
 > authorized.." reply. We see about 300 of these an hour. While it violates
 > the RFCs, AT&T and MSN have told us we need to not reply to these bogus
 > posts (which contain typical spam messages). Is there a way to configure
 > listserv v 14 to ignore posts from non-subscribers, rather than to send
 > reject messages?
 >
 > We have a similar problem with bogus SUBSCRIBE messages. We get about 300
 > of these per day. Each one results in a confirmation message being sent to
 > the bogus address in the subscribe request. These are treated as spam by
 > AT&T and MSN. We're afraid to turn off CONFIRM for obvious reasons.
 >

You mention two seperate issues: the first involves delivery error messages
for invalid recipient addresses, the second involves administrative replies
from the LISTSERV server.

Regarding the first issue: You need to configure your MX host to perform
recipient address resolution for all internal addresses, including list
and list-related addresses, so it will not 'accept then bounce' messages
for invalid recipient addresses.  One way to do this is to use LDAP for
recipient address resolution, but it is not the only way.  If your MX hosts
rejects the message during the SMTP session with the sending server, the
delivery error message, if any, will be generated by the sending server, not
by your MX host, and it will be that server, not your MX host, which is
identified as the source of the backscatter.

Regarding the second issue: You need a spam filter on the message flow to
your LISTSERV server.  LISTSERV 14.3 later provides support for third-party
spam filters, including open source products like SpamAssassin.  See the
discussion of 'SPAM_EXIT' in the LISTSERV 14.x Developers Guide
<http://www.lsoft.com/manuals/1.8e/developer/developer.html#_Toc128376159>.

Some spam will slip past the spam filter.  You can reduce backscatter for
those messages by suppressing some of the administrative replies that
LISTSERV sends.  You may want to consider suppressing the 'you are not
authorized to post' and 'your message has been forwarded to the moderator'
messages, but it would be inadvisable to suppress command, posting, and
subscription confirmation requests, because that will make it impossible for
legitimate senders to confirm their commands, postings, and subscription
requests.  See Chapter 9 in the Site Manager's manual for detailed information
about creating and modifying message templates
<http://www.lsoft.com/manuals/1.8e/sitemgr/sitemgr.html#_Toc128544753>.

--
Paul Russell, Senior Systems Administrator
OIT Messaging Services Team
University of Notre Dame
[log in to unmask]

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM