Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Remove Zimbra server from Backscatter.org listing

  1. #1
    mintra is offline Special Member
    Join Date
    Nov 2005
    Location
    UK
    Posts
    117
    Rep Power
    9

    Default Remove Zimbra server from Backscatter.org listing

    Hi

    My zimbra server currently version 5.0.6 centos 5 - is listed on backscatter.org.

    I have asked for removal only to be relisted - I dont like these sites that ask for payment to be delisted, and I know if I pay them I will get listed again.

    I can see that they have a set of rather complex advice, and I can find links regarding postfix.

    The one thing I have learnt though is not to go fiddling with settings without asking first.

    What should I do to ensure my system is not sending backscatter?

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,585
    Rep Power
    57

    Default

    Quote Originally Posted by mintra View Post
    Hi

    My zimbra server currently version 5.0.6 centos 5 - is listed on backscatter.org.

    I have asked for removal only to be relisted - I dont like these sites that ask for payment to be delisted, and I know if I pay them I will get listed again.
    AFAIK, backscatter.org doesn't charge to remove people from their list and it will happen automatically after four weeks anyway (if you stop sending backscatter). Detail on what backscatter is and how to stop it on their web site: Backscatterer.org powered by UCEPROTECT

    BTW, Zimbra is not set-up to do this my default unless modified. Have you changed the MyNetworks settings?
    Last edited by phoenix; 01-07-2010 at 07:42 AM.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    mintra is offline Special Member
    Join Date
    Nov 2005
    Location
    UK
    Posts
    117
    Rep Power
    9

    Default

    Thanks Phoenix, I have been using systems which put a fancy front end in front of open components for some years (Cobalt were the first) and I have found that sometimes, or should I say often when I do the craftsman approach and mess about with the underlying components, it break something else.

    I have seen the section you mentioned but I had a few concerns

    Firstly - Why do zimbra not prevent this in the first place, I am sure there is a good reason but it would be worth knowing, as that good reason may be a reason for me to leave things as they are.

    Secondly - I did not really understand the details provided on the backscatter site you linked me to

    I will read this and try and translate it into something I understand than I hope people will not mind if I come back here to verify the method.
    Last edited by mintra; 01-08-2010 at 02:53 AM.

  4. #4
    Dirk's Avatar
    Dirk is offline Moderator
    Join Date
    May 2006
    Location
    England.
    Posts
    927
    Rep Power
    10

    Default

    Is your server currently acting as an open relay? That's not the standard config, like Phoenix says.

    I dont understand your question of why does Zimbra not disallow such a configuration though, as in some circumstances, it may be required behaviour.

    To test that your system is not allowing relay try this:

    Code:
    telnet mail.yourzimbraserver.tld 25
    helo back.scatter.test
    mail from: vic@tim.com
    rcpt to: invaliduser@yourRealDomain.com
    You should get a 550 response to that last line, which is the server rejecting your mail rather than accepting it and then bouncing it to the 'sender' which is of course, the victim address.

  5. #5
    mintra is offline Special Member
    Join Date
    Nov 2005
    Location
    UK
    Posts
    117
    Rep Power
    9

    Default POSTCONF smtpd_reject_unlisted_recipient in zmmta.cf

    Ok

    So I read the link from backscatter and followed that through, zimbra uses postfix and the place seems to be in the file.

    /opt/zimbra/conf/zmmta.cf

    line POSTCONF smtpd_reject_unlisted_recipient

    Which is set by default to no

    If I log in as Zimbra and chmod 644 the zmmta.cf file so that I can edit it and make this change and set it to yes is this the correct thing to do?

    I understand this will need to be redone every time I update Zimbra.

    Why if it is such a bad thing to do backscatter is this set to no anyway?

    It may be that Zimbra has another way of stopping backscatter?

    Also I not that catchall addresess when used will break this and that some domain aliases also cause backscatter.

    I am looking now at how to check for these aliases and for the catchalls.

    John

  6. #6
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,585
    Rep Power
    57

    Default

    Quote Originally Posted by mintra View Post
    Firstly - Why do zimbra not prevent this in the first place, I am sure there is a good reason but it would be worth knowing, as that good reason may be a reason for me to leave things as they are.
    Zimbra does not, by default, act as an open relay and you should not be seeing 'backscatter' coming from your server but you will be seeing normal bounce messages when they're required.

    Try the test that Dirk has given you or one of the open relay tests available on the internet.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,585
    Rep Power
    57

    Default

    Quote Originally Posted by mintra View Post
    So I read the link from backscatter and followed that through, zimbra uses postfix and the place seems to be in the file.

    /opt/zimbra/conf/zmmta.cf

    line POSTCONF smtpd_reject_unlisted_recipient

    Which is set by default to no

    If I log in as Zimbra and chmod 644 the zmmta.cf file so that I can edit it and make this change and set it to yes is this the correct thing to do?
    You don't need to chmod the file, just log in as root and change that option.

    Quote Originally Posted by mintra View Post
    Also I not that catchall addresess when used will break this and that some domain aliases also cause backscatter.

    I am looking now at how to check for these aliases and for the catchalls.
    Do you actually use a catch-all? If you do then any changes you've mentioned above will not be effective as a catch-all will catch every email coming into the system, they are a spammers dream and should be avoided at all costs.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    mintra is offline Special Member
    Join Date
    Nov 2005
    Location
    UK
    Posts
    117
    Rep Power
    9

    Default Checked open relay and catch all

    Thanks for the reponses

    I have tried Dirks test and I get the 550 recipient address rejected
    I have tried the

    zmprov gd mydomain.com | grep CatchAll

    On all 42 domains on the system. No catch all seems operational.

    I was playing with a test server with 5.0.6 but I find the real server has 6.0.1 and the line POSTCONF smtpd_reject_unlisted_recipient is already set to yes on the server unlike the 5.0.6 server.
    Last edited by mintra; 01-08-2010 at 07:14 AM.

  9. #9
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,585
    Rep Power
    57

    Default

    Quote Originally Posted by mintra View Post
    Thanks for the reponses

    I have tried Dirks test and I get the 550 recipient address rejected
    I have tried the

    zmprov gd mydomain.com | grep CatchAll

    On all 42 domains on the system. No catach all seems operational.

    I will make the change to the zmmta.cf and request removal from backscatter again.
    If that test worked then you're not an open relay so I'd like to see some evidence that says you are, where are your emails being rejected from? Who is it that says you're on the backscatter.org RBL (apart from backscatter.org themselves)? You should be seeing details in your daily mail report that say people have tried relaying through you and been blocked, are you?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  10. #10
    mintra is offline Special Member
    Join Date
    Nov 2005
    Location
    UK
    Posts
    117
    Rep Power
    9

    Default Backscatter page

    It is only backscatter.org

    Though I run a number of zimbra servers I have not had cause to look at the daily reports or the logs.

    Where is the best place for me to look for such daily reports, do you mean zmmsgtrace or is it easier than that. I was trying to work out how to look at what backscatter describe as

    A total of 115 Impacts were detected during this listing. Last was 07.01.2010 00:00 CET +/- 10 minutes.

    So if I can search the log at that time I may expect to see the bounce backs and this may give me a clue to the backscatter listing

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Upgrade to ZCS 5.10
    By blozancic in forum Installation
    Replies: 0
    Last Post: 10-21-2008, 08:03 AM
  2. My Zimbra Server crashed this morning...
    By glitch23 in forum Administrators
    Replies: 3
    Last Post: 04-07-2008, 01:28 PM
  3. zmtlsctl give LDAP error
    By sourcehound in forum Administrators
    Replies: 5
    Last Post: 03-11-2007, 03:48 PM
  4. 3.1 on FC4 problems
    By cohnhead in forum Installation
    Replies: 8
    Last Post: 05-26-2006, 11:16 AM
  5. Fedora Core 3, Clean Install - Not working!
    By pcjackson in forum Installation
    Replies: 17
    Last Post: 03-05-2006, 07:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •