Spam Bounce messages in queue


timetrap

Programmer
Jul 20, 2005
7
US
qmail queue is filling up pretty quickly with bounce messages that it tries to deliver to non-existing spammer domains. while i have set up doublebounces to be deleted, this doesn't seem to help when the domain is invalid. i assume that since there is no immediate bounce message received from the remote host, qmail just keeps trying to send these messages as long as set in queuelifetime.

is there a way i can tweak the queue so that it doesn't try to send bounce messages more than once and then gives up on sending the bounce?
 
not really, mostly messages sent to common account names (admin, webmaster etc..) but also a few to old accounts no longer used that were exposed to robots way back when people didn't think much about posting email addresses on the web. so not on the scale of a dict attack.

i know of chkuser but i'd rather not deal with it for several reasons, a.) it requires vpopmail which i do not want to use and b.) it has some requirements on previous patches that would make me nervous. at this point i got a pretty stable system and would rather not patch anymore unless it's very simple & straightforward without any dependencies... (too much time spent troubleshooting new patches already :) )

it seems that since all bounces are sent with <> envelope FROM, that there should be a way to avoid queuing these forever. also, i believe server needs to return a temporary error for qmail-remote to queue these messages. so that would mean, these are all servers that do exist but don't send EHLO or some other problem. correct me if i'm wrong?
 
Another thing you can do is to put .qmail aliases in place for those formerly legit accounts and have them all deliver to a real account called something like "discard".

Then run a cron script to run (hourly)

root rm -f ~user/Maildir/new/*

You need to run it hourly if you're getting a lot of mail because the "rm" command has a limit on the number of files it can handle as parameters.

That way you don't have so many bounces to accounts you can name specifically.

The chkuser patch will, obviously, spare you the dictionary attacks.

D.E.R. Management - IT Project Management Consulting
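Added example, not from the thread or the qmail project: a Python parser for `qmail-qread` output that reports which destination domains are holding undelivered bounces (empty `<>` envelope sender) in the queue and how old the oldest one is. The output layout it expects, the sample lines and every domain name are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the layout qmail-qread is assumed to print:
# one header line per message, then one indented line per recipient.
SAMPLE = "\n".join([
    "20 Jul 2005 14:02:11 GMT  #401234  2210  <>",
    "\tremote\tpromo@no-such-domain.example",
    "20 Jul 2005 14:05:40 GMT  #401377  1830  <alice@ourhost.example>",
    "\tremote\tbob@partner.example",
    "18 Jul 2005 09:09:03 GMT  #401502  2304  <>",
    "\tremote\toffers@No-Such-Domain.example",
    "20 Jul 2005 14:11:57 GMT  #401618  2199  <>",
    "  done\tremote\tinfo@other-bad.example",
    "20 Jul 2005 14:12:30 GMT  #401700  2250  <>  bouncing",
    "\tlocal\tpostmaster@ourhost.example",
    "\tremote\tnews@other-bad.example",
])

HEADER = re.compile(
    r"^(\d{1,2} \w{3} \d{4} \d\d:\d\d:\d\d) GMT\s+#(\d+)\s+\d+\s+<([^>]*)>")

def queued_bounces(text):
    """Yield (queued_at, msg_id, recipient) for each undelivered remote
    recipient of a message whose envelope sender is empty, i.e. a bounce."""
    queued_at = msg_id = sender = None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            queued_at = datetime.strptime(m.group(1), "%d %b %Y %H:%M:%S")
            msg_id, sender = m.group(2), m.group(3)
            continue
        parts = line.split()
        if sender != "" or len(parts) < 2 or parts[0] == "done":
            continue  # not a bounce, malformed line, or already delivered
        if parts[0] == "remote":
            yield queued_at, msg_id, parts[1]

def summarize(text, now):
    """Map destination domain -> (pending bounces, oldest age in hours)."""
    stats = defaultdict(lambda: [0, 0.0])
    for queued_at, _msg_id, rcpt in queued_bounces(text):
        entry = stats[rcpt.rpartition("@")[2].lower()]
        entry[0] += 1
        entry[1] = max(entry[1], (now - queued_at).total_seconds() / 3600)
    return {d: (n, round(age, 1)) for d, (n, age) in stats.items()}

if __name__ == "__main__":
    for domain, (n, age) in summarize(SAMPLE, datetime(2005, 7, 20, 15, 2, 11)).items():
        print(f"{domain}: {n} pending bounce(s), oldest {age} h")
```

Domains that show many pending bounces with ages approaching queuelifetime are the ones keeping the queue full.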
 