Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Autoresponders triggering backscatter.org listing

43 views
Skip to first unread message

TheMikeness

unread,
Oct 5, 2009, 2:07:24 PM10/5/09
to
Does anyone have any suggestions for software that will allow the
company I work for to send auto responses to our clients who need to
know when a particular person is not available to service their
requests, yet NOT land the mailserver on the backscatter list?

Right now I'm using the /usr/bin/vacation program on our linux mail
server with procmail running first to feed the incoming mails into
spamassassin, but as far as I can tell either I need a better
backscatter detecting vacation mailer, or 100% accurate spam
detection.

Any ideas?


Thanks,

Mike

--
Comments posted to news.admin.net-abuse.blocklisting
are solely the responsibility of their author. Please
read the news.admin.net-abuse.blocklisting FAQ at
http://www.blocklisting.com/faq.html before posting.

wuffa

unread,
Oct 5, 2009, 6:44:43 PM10/5/09
to
On Oct 5, 11:07 am, TheMikeness <northcott.mich...@gmail.com> wrote:
> Does anyone have any suggestions for software that will allow the
> company I work for to send auto responses to our clients who need to
> know when a particular person is not available to service their
> requests, yet NOT land the mailserver on the backscatter list?
>
> Right now I'm using the /usr/bin/vacation program on our linux mail
> server with procmail running first to feed the incoming mails into
> spamassassin, but as far as I can tell either I need a better
> backscatter detecting vacation mailer, or 100% accurate spam
> detection.
>
> Any ideas?
>

have you system only send auto responses to your clients?
any mail coming in from people not on you client list do not send auto
responses to ?you do have a list of your Clients right.
use that for the only reply to:

thats what I do . and it works very well.
wheeler

MrD

unread,
Oct 6, 2009, 7:03:19 AM10/6/09
to
TheMikeness wrote:
> Does anyone have any suggestions for software that will allow the
> company I work for to send auto responses to our clients who need to
> know when a particular person is not available to service their
> requests, yet NOT land the mailserver on the backscatter list?

Yes. You need a product that supports what is known as "presence" -
essentially the ability to know whether your correspondent is available
to attend to messages.

Instant Messaging services have this property. Email doesn't.

--
MrD.
http://ipquery.org

Seth

unread,
Oct 7, 2009, 7:27:53 AM10/7/09
to
In article <haes7g$jh1$2...@news.eternal-september.org>,

MrD <mrdem...@jackpot.invalid> wrote:
>TheMikeness wrote:
>> Does anyone have any suggestions for software that will allow the
>> company I work for to send auto responses to our clients who need to
>> know when a particular person is not available to service their
>> requests, yet NOT land the mailserver on the backscatter list?
>
>Yes. You need a product that supports what is known as "presence" -
>essentially the ability to know whether your correspondent is available
>to attend to messages.
>
>Instant Messaging services have this property. Email doesn't.

Some email systems do. Bloomberg Mail, for instance.

Seth

TheMikeness

unread,
Oct 8, 2009, 10:23:13 AM10/8/09
to
On Oct 7, 5:27 am, se...@panix.com (Seth) wrote:
> In article <haes7g$jh...@news.eternal-september.org>,

Well it appears my last message did not work. Thanks google groups!

I think I have arrived at more or less a solution, thanks for everyone
who replied but I ended up answering my own question.

I installed amavisd-new and amavisd-milter along with smf-spf and as a
result am now able to run the email data thru spamassassin without
closing the initial MTA connection, so I can reject spam at SMTP
connection time and deny receiving the message. The result is the /usr/
bin/vacation program will not see a majority of the messages it
otherwise attempts to respond to, and the SPF checking allows
improving the results further by removing obviously forged From:
headers, so the chance to emit backscatter is greatly decreased.

A big part of the problem was messages we were receiving for
forwarding to personal ISP mail addresses was never scanned for spam
since it was simply forwarding it off, so the server always felt it
had to send a DSN to uphold the RFCs, so now that the spam check
happens at connect time this is also no longer such a big issue.

It's not a perfect solution, but will decrease the likelihood that we
end up on the backscatter DNSBL or others by as much as 95%. On the
downside, people can now test against our server to see if their
message is going to be spam and improve their spam text, but they
could already do that with their own instance of spamassassin or
something. On the upside, we will produce far less backscatter, as
well as improve people's ability to troubleshoot the problem if their
message ends up as a false positive in our spam filtering.

Rob

unread,
Oct 8, 2009, 11:46:33 AM10/8/09
to
TheMikeness <northcot...@gmail.com> wrote:
> I installed amavisd-new and amavisd-milter along with smf-spf and as a
> result am now able to run the email data thru spamassassin without
> closing the initial MTA connection, so I can reject spam at SMTP
> connection time and deny receiving the message. The result is the /usr/
> bin/vacation program will not see a majority of the messages it
> otherwise attempts to respond to, and the SPF checking allows
> improving the results further by removing obviously forged From:
> headers, so the chance to emit backscatter is greatly decreased.

While that is a good thing, it will not impress backscatterer.org.
They are not interested in decreasing the likelyhood of backscatter.
They only delist you when you eliminate it completely.

E-Mail Sent to this address will be added to the BlackLists

unread,
Oct 8, 2009, 2:09:44 PM10/8/09
to
Rob wrote:
> While that is a good thing, it will not impress
> backscatterer.org.
> They are not interested in decreasing the likelyhood
> of backscatter.
> They only delist you when you eliminate it completely.

That is almost true.

They delist after a period of time, after their spamtraps
are no longer getting hit by backscatter.

That someone manages to quit hitting their spamtraps,
doesn't mean backscatter has been completely eliminated.

While I think they, like most would like backscatter to
be completely eliminated, they don't know about what
doesn't hit their spamtraps.

--
E-Mail Sent to this address <Blac...@Anitech-Systems.com>
will be added to the BlackLists.

Shmuel (Seymour J.) Metz

unread,
Oct 9, 2009, 2:34:56 PM10/9/09
to
In <slrnhcs434....@xs7.xs4all.nl>, on 10/08/2009

at 03:46 PM, Rob <nom...@example.com> said:

>While that is a good thing, it will not impress backscatterer.org. They
>are not interested in decreasing the likelyhood of backscatter. They only
>delist you when you eliminate it completely.

That, of course, is untrue.

--
Shmuel (Seymour J.) Metz, truly insane Spews puppet
<http://patriot.net/~shmuel>

I reserve the right to publicly post or ridicule any abusive
E-mail. Reply to domain Patriot dot net user shmuel+news to contact
me. Do not reply to spam...@library.lspace.org

TheMikeness

unread,
Oct 9, 2009, 4:48:06 PM10/9/09
to

If we did not have tens of thousands of likely sources of email where
they might be asking a specific staff member some questions, I would
try to do something like this.

I was originally going to develop a PHP script to replace /usr/bin/
vacation using PHP's IMAP functions and have it manage their inbox
while they're away, set up to not respond to anything that MIGHT be
spam.

I think I have a good enoguh solution, eliminating my backscatter in
90-95% of situations without ditching autoreplies. If anyone cares,
read on for the particular solution I used. After some reasearch,
several hours of hacking, more research and more hacking, I was able
even with my particular configuration to filter spam BEFORE it gets
delivered to the inbox, thus more or less eliminating the backscatter
problem caused by /usr/bin/vacation responding to spam messages. It
would have been much easier to do on a more modern system but we are
running Fedora Core 5 and have not updated mostly due to no time to
ensure a relatively painless migration. Between compiling from source,
Yum, and browsing for RPMs on Google, I ended up with libspf2, smf-
spf, amavisd-new, amavisd-milter, and my existing spamassassin and
sendmail (though it could work on most other MTAs).

Michelle Sullivan

unread,
Oct 10, 2009, 5:42:55 PM10/10/09
to
Shmuel (Seymour J.) Metz wrote:
> In <slrnhcs434....@xs7.xs4all.nl>, on 10/08/2009
> at 03:46 PM, Rob <nom...@example.com> said:
>
>> While that is a good thing, it will not impress backscatterer.org. They
>> are not interested in decreasing the likelyhood of backscatter. They only
>> delist you when you eliminate it completely.
>
> That, of course, is untrue.
>

Actually its quite true.

I have 1 piece of back scatter going out of one my system every 7 days
(regular as clockwork) and it goes straight to the same
backscatterer.org input server. That server stays listed. So
eliminating backscatter *completely* is the only way to get delisted
from backscatterer.org.

Shells

David Bolt

unread,
Oct 11, 2009, 12:38:38 AM10/11/09
to
On Saturday 10 Oct 2009 22:42, Michelle Sullivan played with alphabet
spaghetti and left this residue on the plate:

<snip>

> I have 1 piece of back scatter going out of one my system every 7 days
> (regular as clockwork) and it goes straight to the same
> backscatterer.org input server. That server stays listed. So
> eliminating backscatter *completely* is the only way to get delisted
> from backscatterer.org.

You don't have to completely eliminate backscatter, just make sure you
don't send backscatter to any of their spamtrap domains. You could be
sending thousands or millions of backscatter mails per day and, unless
you hit one of their traps, you won't be listed. That is, of course,
unless they've started accepting nominations for their lists.


Regards,
David Bolt

--
Team Acorn: www.distributed.net OGR-NG @ ~100Mnodes RC5-72 @ ~1Mkeys/s
openSUSE 10.3 32b | openSUSE 11.0 32b | |
openSUSE 10.3 64b | openSUSE 11.0 64b | openSUSE 11.1 64b | openSUSE 11.2m8
RISC OS 3.6 | RISC OS 3.11 | openSUSE 11.1 PPC | TOS 4.02

Seth

unread,
Oct 11, 2009, 9:28:34 AM10/11/09
to
In article <haojdd$osl$1...@nemesis.sorbs.net>,

Michelle Sullivan <michell...@sorbs.net> wrote:
>Shmuel (Seymour J.) Metz wrote:
>> In <slrnhcs434....@xs7.xs4all.nl>, on 10/08/2009
>> at 03:46 PM, Rob <nom...@example.com> said:
>>
>>> While that is a good thing, it will not impress backscatterer.org. They
>>> are not interested in decreasing the likelyhood of backscatter. They only
>>> delist you when you eliminate it completely.
>>
>> That, of course, is untrue.
>
>Actually its quite true.

How can they possibly know that someone hasn't ceased all backscatter,
but has ceased all backscatter that reached them?

>I have 1 piece of back scatter going out of one my system every 7 days
>(regular as clockwork) and it goes straight to the same
>backscatterer.org input server. That server stays listed.

But if your backscatter went to me, instead, they wouldn't know about
it so you wouldn't stay listed.

> So eliminating backscatter *completely* is the only way to get
>delisted from backscatterer.org.

You're missing some steps in your proof.

Seth

Shmuel (Seymour J.) Metz

unread,
Oct 12, 2009, 11:22:00 AM10/12/09
to
In <haojdd$osl$1...@nemesis.sorbs.net>, on 10/10/2009
at 09:42 PM, Michelle Sullivan <michell...@sorbs.net> said:

>Actually its quite true.

Not unless their technology far exceeds what is in the literature. They
only know about what hits their spam traps.

>I have 1 piece of back scatter going out of one my system every 7 days
>(regular as clockwork) and it goes straight to the same
>backscatterer.org input server.

Why?

>So eliminating backscatter *completely* is the only way to get
>delisted from backscatterer.org.

That is certainly the best way, but not the only way. Again, stop hitting
their spam traps and they won't know what you're emitting.

--
Shmuel (Seymour J.) Metz, truly insane Spews puppet
<http://patriot.net/~shmuel>

I reserve the right to publicly post or ridicule any abusive
E-mail. Reply to domain Patriot dot net user shmuel+news to contact
me. Do not reply to spam...@library.lspace.org

--

0 new messages