Backscatterer.org

#1
I am routinely getting listed on backscatterer.org's blacklist. I've gone through their guide on how to prevent this (lousy guid, btw) and am at a standstill. DNSbl.info gave me the best description about it and it looks like my server does the proper notifications for bad emails. I really need to get this taken care of - has been going on for almost a year now and is a thorn in my side. Any advice on how to make sure you don't get listed on backscatterer.org (and barracuda for that matter)?
 

Dan

Moderator
#2
Hello Mooresites,

Any idea which rule of theirs you're triggering or why you keep being blocked? We're just shooting in the dark without that kind of info.
 
#3
Rule

According to Backscatterer.org, bouncebacks to spammers using your address as a "replyto" should be as follows:

If yourcompany.tld has a properly configured mail server, the SMTP dialog will look like this:

HELO forged.domain.name
MAIL FROM: victimatvictimdomain.tld[/email (i used 'at' so I could submit this post)
RCPT TO: NoSuchUseratyourcompany.tld
550 User unknown

I tested that from another account outside knownhost and it gave the same result.
 
#4
Also . . .

I just received a spam that came from my server (ns1.mooresites.com) and tracked the originating IP address to Romania. Here are the headers (fyi, webmaster@mscog.org is a forwarder of mine).

Return-path: <webmaster@mscog.org>
Envelope-to: webmaster@mscog.org
Delivery-date: Mon, 02 Aug 2010 12:26:50 -0400
Received: from mail by ns1.mooresites.com with spam-scanned (Exim 4.72)
(envelope-from <webmaster@mscog.org>)
id 1Ofxqh-00025G-RM
for webmaster@mscog.org; Mon, 02 Aug 2010 12:26:50 -0400
Date: Mon, 02 Aug 2010 12:26:50 -0400
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on ns1.mooresites.com
X-Spam-Level:
X-Spam-Status: No, score=-73.8 required=3.0 tests=ADDRESS_IN_SUBJECT,BAYES_20,
DRUGS_ANXIETY,NO_REAL_NAME,SPF_NEUTRAL,SUBJECT_DRUG_GAP_VA,
SUBJECT_DRUG_GAP_X,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,
URIBL_SC_SURBL,URIBL_WS_SURBL,USERPASS,USER_IN_WHITELIST autolearn=no
version=3.1.7
Received: from [193.226.60.161] (helo=Iulia-PC)
by ns1.mooresites.com with smtp (Exim 4.72)
(envelope-from <webmaster@mscog.org>)
id 1Ofxqh-00024u-Em
for webmaster@mscog.org; Mon, 02 Aug 2010 12:26:47 -0400
Message-ID: <20100802192651.2130.qmail@Iulia-PC>
From: webmaster@mscog.org
To: webmaster@mscog.org
Subject: webmaster@mscog.org Xanax ® Valium 45% 0FF
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit



Thanks for any help!
 
#5
Got it . . .

Well, thanks to support (you guys truly rock), I found out some of my accounts weren't running spam assassin even though they were just forwarders. I have since activated and all seems to have quieted down. I still have some frozen mail, though not nearly what it was. Thanks guys.
 

basi

New Member
#6
[FONT=&quot]Hi Mooresites, It is good to learn that you got the issue resolved. But can you explain how you got it fixed. I am looking forward to get the solution to this problem. For the first time I am hearing about this issue of getting listed in the blacklist. That’s why I am very curious.[/FONT][FONT=&quot]


[/FONT]
 
#7
It was actually a matter of activating Spam Assassin on each account on my server (I used "send to each users spam box" if that matters). Once all accounts were active with Spam assassin (I use Direct Admin and used "Spam Assassin settings), my queue slimmed up and I was removed from Backscatterer's list . . .
 
Top