On 11/1/2008 3:19 PM, Larry wrote: > Backscatter is the new spam. Spammers are intentionally sending spam that > will be returned in the bounce message. We have configured our MTA to not > bounce messages to invalid addresses on our server (in violation of RFC 822) > to cut down on this spam source. But listserv is now a major source of > backscatter spam. > > The backscatter problem has become overwhelming, and has gotten our site > blacklisted by AT&T and MSN. Spam messages from non-subscribed addresses > are sent to the list, and listserv dutifully sends a "you are not > authorized.." reply. We see about 300 of these an hour. While it violates > the RFCs, AT&T and MSN have told us we need to not reply to these bogus > posts (which contain typical spam messages). Is there a way to configure > listserv v 14 to ignore posts from non-subscribers, rather than to send > reject messages? > > We have a similar problem with bogus SUBSCRIBE messages. We get about 300 > of these per day. Each one results in a confirmation message being sent to > the bogus address in the subscribe request. These are treated as spam by > AT&T and MSN. We're afraid to turn off CONFIRM for obvious reasons. > You mention two seperate issues: the first involves delivery error messages for invalid recipient addresses, the second involves administrative replies from the LISTSERV server. Regarding the first issue: You need to configure your MX host to perform recipient address resolution for all internal addresses, including list and list-related addresses, so it will not 'accept then bounce' messages for invalid recipient addresses. One way to do this is to use LDAP for recipient address resolution, but it is not the only way. If your MX hosts rejects the message during the SMTP session with the sending server, the delivery error message, if any, will be generated by the sending server, not by your MX host, and it will be that server, not your MX host, which is identified as the source of the backscatter. Regarding the second issue: You need a spam filter on the message flow to your LISTSERV server. LISTSERV 14.3 later provides support for third-party spam filters, including open source products like SpamAssassin. See the discussion of 'SPAM_EXIT' in the LISTSERV 14.x Developers Guide <http://www.lsoft.com/manuals/1.8e/developer/developer.html#_Toc128376159>. Some spam will slip past the spam filter. You can reduce backscatter for those messages by suppressing some of the administrative replies that LISTSERV sends. You may want to consider suppressing the 'you are not authorized to post' and 'your message has been forwarded to the moderator' messages, but it would be inadvisable to suppress command, posting, and subscription confirmation requests, because that will make it impossible for legitimate senders to confirm their commands, postings, and subscription requests. See Chapter 9 in the Site Manager's manual for detailed information about creating and modifying message templates <http://www.lsoft.com/manuals/1.8e/sitemgr/sitemgr.html#_Toc128544753>. -- Paul Russell, Senior Systems Administrator OIT Messaging Services Team University of Notre Dame [log in to unmask]