backscatter / VBOUNCE rule in spamassassin in Virtualmin?

Virtualmin
1

Hi,

Since a few months I receive a lot of backscatter (spam-blowback bounce messages) at one of my domains hosted on Virtualmin. For example: a spammer sends out a message to thousands of e-mail addresses using a non-existing e-mail address from my domain (eg. SD567AS766sd@mydomain.com). This seems not to be an issue for my domain but for SPAM messages sent to invalid/non-existing e-mail addresses they will be bounced and delivered as “undeliverable” to my Virtualmin server. All undeliverable mails are delivered to my catch all mailbox. I’m actively using my catch-all mailbox as I personalize all my address when registering for newsletters, mailings, workmail, shops, and many more. Disabling the catch all is therefore no option. This would also cause new bounced mails…

I have been reading many articles now on how to enable the Vbounce rules which filter out the bounced messages. Somehow this does not seems to work within Virtualmin configuration.

  • How can I enable this VBOUNCE rule in spamassassin in Virtualmin? I followed the instructions from spamassassin (http://wiki.apache.org/spamassassin/VBounceRuleset) but had no success.
  • Would it be possible to create/design an setting to enable this rule in Virtualmin?

My version of Virtualmin is 3.98 GPL and seems to be up-to-date.

root@host1:/etc/postfix# spamassassin -V
SpamAssassin version 3.3.2
running on Perl version 5.14.2

Help/advise would be appreciated. Thanks.

2

You can consider implementing http://www.backscatterer.org/
but be sure to do so according to the precautions of applying it only to Mail From <>

3

Thank you for giving me direction.

The solution for postfix (please watch the database type used in postfix as this was NOT “dbm” but was “hash”. “dbm” did not worked at all and caused errors). So the correct line to add to the main.cf is: hash:/etc/postfix/check_backscatterer

----------------think about it to backup your main.cf file before changing)--------
edit /etc/postfix/main.cf and add the following lines (the … means that some rules may exist and should NOT be replaced, so add only separated with a space)

smtpd_recipient_restrictions =

check_sender_access hash:/etc/postfix/check_backscatterer

Create new file: /etc/postfix/check_backscatterer with the command: vi /etc/postfix/check_backscatterer
(see man vi for how to use the vi editor) and add the lines below to the new file:

<> reject_rbl_client ips.backscatterer.org

postmaster reject_rbl_client ips.backscatterer.org

Execute following commands for changes to take effect:

postmap /etc/postfix/check_backscatterer

postfix reload

AND TEST YOUR SERVER… :slight_smile:

Good luck!