Need some help/advice

csullo · Unread post by **csullo** » Wed Oct 08, 2008 11:12 am

Hi. I confess up front to being a little lost, and a little less than knowledgeable about mail/qmail/spam. I'm pretty technical though, and trying my best to learn.

I have a CentOS 4.7, with Plesk 8.6, box which is configured to use the Atomic repo for some packages. It's running the stock qmail with spamassasin and drweb from plesk.

The server has been getting added to rbl's because of bounced spam that contains viruses (e.g., message to invalid user @ valid domain bounces to forged sender). Everything I read about qmail says the only way I can stop it, either by not bouncing, or by not including body/attachments in bounces, is to recompile qmail with patches.

I'm trying to find a sane way to fix this. I'd rather not have to maintain my own patched qmail... heck that's why I run CentOS, so I can just use Yum in almost all cases.

I suspect ART has a solution somewhere... but I'm getting a little lost on the site and tutorials and all that to find the right solution... can someone point me to a page or give me a rundown of what the best course is here?

Does the qmail in ART repo have some of these patches? Would Atomic Scanner help (and how do I add that repo... I don't see it in my yum list--and the idea of running that rather than paying for SA/drweb would be nice)? Am I missing something obvious here?

Thanks for your assistance. I really do want to learn something here about qmail/mail... but I really want to fix this issue so I'm not blocked, and help cut down the amount of junk mail/bouncing that I can.

breun · Unread post by **breun** » Wed Oct 08, 2008 11:21 am

Set your domains to reject email to non-existent mailnames, so you won't be sending out backscatter. That's a standard option in Plesk, no custom software or patches required.

csullo · Unread post by **csullo** » Wed Oct 08, 2008 11:40 am

breun wrote:Set your domains to reject email to non-existent mailnames, so you won't be sending out backscatter. That's a standard option in Plesk, no custom software or patches required.

But the message body (and attachments, I think) are sent in the reject. I have that set now

breun · Unread post by **breun** » Wed Oct 08, 2008 11:48 am

The reject option drops the message and doesn't send a bounce. You probably have your domains set to bounce.

csullo · Unread post by **csullo** » Wed Oct 08, 2008 12:53 pm

I have it set to reject.

I tried a test mail from gmail and I get a 550 back which includes the body content of the original mail.

I tried a test mail from a corporate account and I get a 550 back without the message body.

Have I been pulling my hair out for hours because gmail is all "friendly" and includes the message body in the notification it displays, but regular mail services don't?

btw, thanks for your quick responses breun, i very much appreciate it!