| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
01-07-2010, 06:16 AM
| | Special Member | |
Posts: 110
| |  Remove Zimbra server from Backscatter.org listing
Hi
My zimbra server currently version 5.0.6 centos 5 - is listed on backscatter.org.
I have asked for removal only to be relisted - I dont like these sites that ask for payment to be delisted, and I know if I pay them I will get listed again.
I can see that they have a set of rather complex advice, and I can find links regarding postfix.
The one thing I have learnt though is not to go fiddling with settings without asking first.
What should I do to ensure my system is not sending backscatter? |
01-07-2010, 06:36 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,317
| |
Quote:
Originally Posted by mintra  Hi
My zimbra server currently version 5.0.6 centos 5 - is listed on backscatter.org.
I have asked for removal only to be relisted - I dont like these sites that ask for payment to be delisted, and I know if I pay them I will get listed again. | AFAIK, backscatter.org doesn't charge to remove people from their list and it will happen automatically after four weeks anyway (if you stop sending backscatter). Detail on what backscatter is and how to stop it on their web site: Backscatterer.org powered by UCEPROTECT
BTW, Zimbra is not set-up to do this my default unless modified. Have you changed the MyNetworks settings?
__________________
Regards
Bill
Last edited by phoenix; 01-07-2010 at 06:42 AM..
|
01-08-2010, 01:37 AM
| | Special Member | |
Posts: 110
| |
Thanks Phoenix, I have been using systems which put a fancy front end in front of open components for some years (Cobalt were the first) and I have found that sometimes, or should I say often when I do the craftsman approach and mess about with the underlying components, it break something else.
I have seen the section you mentioned but I had a few concerns
Firstly - Why do zimbra not prevent this in the first place, I am sure there is a good reason but it would be worth knowing, as that good reason may be a reason for me to leave things as they are.
Secondly - I did not really understand the details provided on the backscatter site you linked me to
I will read this and try and translate it into something I understand than I hope people will not mind if I come back here to verify the method.
Last edited by mintra; 01-08-2010 at 01:53 AM..
|
01-08-2010, 02:13 AM
| | |
Is your server currently acting as an open relay? That's not the standard config, like Phoenix says.
I dont understand your question of why does Zimbra not disallow such a configuration though, as in some circumstances, it may be required behaviour.
To test that your system is not allowing relay try this: Code: telnet mail.yourzimbraserver.tld 25
helo back.scatter.test
mail from: vic@tim.com
rcpt to: invaliduser@yourRealDomain.com You should get a 550 response to that last line, which is the server rejecting your mail rather than accepting it and then bouncing it to the 'sender' which is of course, the victim address. |
01-08-2010, 02:27 AM
| | Special Member | |
Posts: 110
| | POSTCONF smtpd_reject_unlisted_recipient in zmmta.cf
Ok
So I read the link from backscatter and followed that through, zimbra uses postfix and the place seems to be in the file.
/opt/zimbra/conf/zmmta.cf
line POSTCONF smtpd_reject_unlisted_recipient
Which is set by default to no
If I log in as Zimbra and chmod 644 the zmmta.cf file so that I can edit it and make this change and set it to yes is this the correct thing to do?
I understand this will need to be redone every time I update Zimbra.
Why if it is such a bad thing to do backscatter is this set to no anyway?
It may be that Zimbra has another way of stopping backscatter?
Also I not that catchall addresess when used will break this and that some domain aliases also cause backscatter.
I am looking now at how to check for these aliases and for the catchalls.
John |
01-08-2010, 02:30 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,317
| |
Quote:
Originally Posted by mintra Firstly - Why do zimbra not prevent this in the first place, I am sure there is a good reason but it would be worth knowing, as that good reason may be a reason for me to leave things as they are. | Zimbra does not, by default, act as an open relay and you should not be seeing 'backscatter' coming from your server but you will be seeing normal bounce messages when they're required.
Try the test that Dirk has given you or one of the open relay tests available on the internet.
__________________
Regards
Bill
|
01-08-2010, 02:33 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,317
| |
Quote:
Originally Posted by mintra So I read the link from backscatter and followed that through, zimbra uses postfix and the place seems to be in the file.
/opt/zimbra/conf/zmmta.cf
line POSTCONF smtpd_reject_unlisted_recipient
Which is set by default to no
If I log in as Zimbra and chmod 644 the zmmta.cf file so that I can edit it and make this change and set it to yes is this the correct thing to do? | You don't need to chmod the file, just log in as root and change that option. Quote:
Originally Posted by mintra Also I not that catchall addresess when used will break this and that some domain aliases also cause backscatter.
I am looking now at how to check for these aliases and for the catchalls. | Do you actually use a catch-all? If you do then any changes you've mentioned above will not be effective as a catch-all will catch every email coming into the system, they are a spammers dream and should be avoided at all costs.
__________________
Regards
Bill
|
01-08-2010, 05:50 AM
| | Special Member | |
Posts: 110
| | Checked open relay and catch all
Thanks for the reponses
I have tried Dirks test and I get the 550 recipient address rejected
I have tried the
zmprov gd mydomain.com | grep CatchAll
On all 42 domains on the system. No catch all seems operational.
I was playing with a test server with 5.0.6 but I find the real server has 6.0.1 and the line POSTCONF smtpd_reject_unlisted_recipient is already set to yes on the server unlike the 5.0.6 server.
Last edited by mintra; 01-08-2010 at 06:14 AM..
|
01-08-2010, 06:07 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,317
| |
Quote:
Originally Posted by mintra Thanks for the reponses
I have tried Dirks test and I get the 550 recipient address rejected
I have tried the
zmprov gd mydomain.com | grep CatchAll
On all 42 domains on the system. No catach all seems operational.
I will make the change to the zmmta.cf and request removal from backscatter again. | If that test worked then you're not an open relay so I'd like to see some evidence that says you are, where are your emails being rejected from? Who is it that says you're on the backscatter.org RBL (apart from backscatter.org themselves)? You should be seeing details in your daily mail report that say people have tried relaying through you and been blocked, are you?
__________________
Regards
Bill
|
01-08-2010, 06:25 AM
| | Special Member | |
Posts: 110
| | Backscatter page
It is only backscatter.org
Though I run a number of zimbra servers I have not had cause to look at the daily reports or the logs.
Where is the best place for me to look for such daily reports, do you mean zmmsgtrace or is it easier than that. I was trying to work out how to look at what backscatter describe as
A total of 115 Impacts were detected during this listing. Last was 07.01.2010 00:00 CET +/- 10 minutes.
So if I can search the log at that time I may expect to see the bounce backs and this may give me a clue to the backscatter listing | | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
