Backscatterer.org

Discussion in 'Linux VPS - DirectAdmin' started by mooresites, Aug 2, 2010.

  1. mooresites

    mooresites New Member

    I am routinely getting listed on backscatterer.org's blacklist. I've gone through their guide on how to prevent this (lousy guid, btw) and am at a standstill. DNSbl.info gave me the best description about it and it looks like my server does the proper notifications for bad emails. I really need to get this taken care of - has been going on for almost a year now and is a thorn in my side. Any advice on how to make sure you don't get listed on backscatterer.org (and barracuda for that matter)?
     
  2. Dan

    Dan Moderator

    Hello Mooresites,

    Any idea which rule of theirs you're triggering or why you keep being blocked? We're just shooting in the dark without that kind of info.
     
  3. mooresites

    mooresites New Member

    Rule

    According to Backscatterer.org, bouncebacks to spammers using your address as a "replyto" should be as follows:

    If yourcompany.tld has a properly configured mail server, the SMTP dialog will look like this:

    HELO forged.domain.name
    MAIL FROM: victimatvictimdomain.tld[/email (i used 'at' so I could submit this post)
    RCPT TO: NoSuchUseratyourcompany.tld
    550 User unknown

    I tested that from another account outside knownhost and it gave the same result.
     
  4. mooresites

    mooresites New Member

    Also . . .

    I just received a spam that came from my server (ns1.mooresites.com) and tracked the originating IP address to Romania. Here are the headers (fyi, [email protected] is a forwarder of mine).

    Return-path: <[email protected]>
    Envelope-to: [email protected]
    Delivery-date: Mon, 02 Aug 2010 12:26:50 -0400
    Received: from mail by ns1.mooresites.com with spam-scanned (Exim 4.72)
    (envelope-from <[email protected]>)
    id 1Ofxqh-00025G-RM
    for [email protected]; Mon, 02 Aug 2010 12:26:50 -0400
    Date: Mon, 02 Aug 2010 12:26:50 -0400
    X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on ns1.mooresites.com
    X-Spam-Level:
    X-Spam-Status: No, score=-73.8 required=3.0 tests=ADDRESS_IN_SUBJECT,BAYES_20,
    DRUGS_ANXIETY,NO_REAL_NAME,SPF_NEUTRAL,SUBJECT_DRUG_GAP_VA,
    SUBJECT_DRUG_GAP_X,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,
    URIBL_SC_SURBL,URIBL_WS_SURBL,USERPASS,USER_IN_WHITELIST autolearn=no
    version=3.1.7
    Received: from [193.226.60.161] (helo=Iulia-PC)
    by ns1.mooresites.com with smtp (Exim 4.72)
    (envelope-from <[email protected]>)
    id 1Ofxqh-00024u-Em
    for [email protected]; Mon, 02 Aug 2010 12:26:47 -0400
    Message-ID: <[email protected]>
    From: [email protected]
    To: [email protected]
    Subject: [email protected] Xanax ® Valium 45% 0FF
    MIME-Version: 1.0
    Content-Type: text/plain; charset="utf-8"
    Content-Transfer-Encoding: 7bit



    Thanks for any help!
     
  5. mooresites

    mooresites New Member

    Got it . . .

    Well, thanks to support (you guys truly rock), I found out some of my accounts weren't running spam assassin even though they were just forwarders. I have since activated and all seems to have quieted down. I still have some frozen mail, though not nearly what it was. Thanks guys.
     
  6. basi

    basi New Member

    [FONT=&quot]Hi Mooresites, It is good to learn that you got the issue resolved. But can you explain how you got it fixed. I am looking forward to get the solution to this problem. For the first time I am hearing about this issue of getting listed in the blacklist. That’s why I am very curious.[/FONT][FONT=&quot]


    [/FONT]
     
  7. mooresites

    mooresites New Member

    It was actually a matter of activating Spam Assassin on each account on my server (I used "send to each users spam box" if that matters). Once all accounts were active with Spam assassin (I use Direct Admin and used "Spam Assassin settings), my queue slimmed up and I was removed from Backscatterer's list . . .
     

Share This Page