On 12/29/2020 7:37 AM, Rafael Azevedo wrote:
Hi there,
I've noticed that one of our servers is receiving a huge amount of
unauthorized requests.
User connects to our server and tries to send an email to any
destination. Our servers denies the message because user is not
authenticated. Then, a bounce is generated to the source address,
which was fake and turns to be the final destination, so at the end,
the email is actually sent as a bounce, proliferating lots of spam.
Is there a way to avoid this?
Hi Rafael, This sounds like backscatter. To avoid it, you need to
reject the email during the real-time SMTP dialog with the sender, i.e.
during the connection from the sender, if it's an invalid recipient,
reject with 5xx. This will cause you to tell the sending server and you
don't generate a bounce.
The question is: Why are you accepting the email, then determining it's
invalid, and creating a bounce? I would typically look at some sort of
architecture issue where you haven't done what we call promoted the
valid users to the edge of your internet connection.
Hope this helps and share more information for more guidance.
Regards,
KAM
