Rense Buijen wrote:
> Thanks a lot all, it's all clear to me now!
> I thought that the trusted networks mean that the message will just be
> passed if it came from that source.
> I didn't know it will skip to the next "Received" IP. Thanks a lot.
> 
> One question about the "backscatter" problem though, if I understand
> correctly it is always my Exchange server (the machine inline with SA)
> who will send out "user does not exist" messages, right? The backup MX
> will merely try to forward it and the Exchange server decides if that
> mail address exists or not. I think Exchange is configured the right
> way in such a way that it knows what users it has on the system..
> 
> I would really like to drop the second mx altogether but policy
> forbids it :)

Here is an example of the backscatter problem:

1) Mail is accepted at your backup MX
2) Backup MX forwards to primary MX
3) Primary MX refuses mail (spam, virus, bad user, whatever)
4) Backup MX sends delivery notification to "From" address
5) Innocent user whose address was in the "From" field of the message
   gets the delivery notification and has to deal with it.

Imagine 500 spams with the same forged From address going to various
non-existent users on your domain.  If you accept these messages, then
your server will be responsible for sending 500 delivery notification
messages to the poor guy whose email was forged in the spam.  (and
speaking as someone who has had their email address forged in a spam
run, this is REALLY annoying)

This is what should happen:

1) Mail arrives at backup MX
2) Mail is refused (spam, virus, bad user, etc)
3) It is now the responsibility of the sending server to send a delivery
   notification.

Depending on where the mail originated from, it is still possible that
the sending server is generating backscatter, but at least you are no
longer contributing to the problem.

To avoid contributing to the backscatter problem (which can get you on
some blacklists), you must ensure that all of your frontline MX servers
are capable of rejecting mail for unknown users and that they all do the
same virus/spam filtering.  The basic idea is that your frontline
servers should never accept an email that will be rejected later on.
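The two flows above (the naive backup MX that accepts everything and later bounces, versus a frontline MX that refuses at SMTP time) can be modelled to show who ends up owning the delivery notification. The following is an added example, not code from the original post; the server names, the `example.com` domain, the `victim@example.net` address and the numbers are constructed:

```python
"""Model of SMTP backscatter: the first hop that accepts a message at
SMTP time owns it, and if a later hop refuses it, that owner must send
the delivery status notification (DSN) to the envelope sender.
Constructed example, not from the original mailing-list thread."""
from dataclasses import dataclass, field
from typing import List, Optional, Set


@dataclass
class Message:
    mail_from: str   # envelope sender: where a DSN would be sent
    rcpt_to: str     # envelope recipient


@dataclass
class MailServer:
    name: str
    domain: str
    # Addresses this server can verify. None models the naive backup MX
    # that accepts anything for the domain and forwards it.
    known_users: Optional[Set[str]] = None
    filters_spam: bool = False
    bounces_sent: List[str] = field(default_factory=list)

    def smtp_accepts(self, msg: Message, is_spam: bool) -> bool:
        """Decision taken while the sending server is still connected."""
        local, _, dom = msg.rcpt_to.rpartition("@")
        if dom != self.domain:
            return False
        if self.filters_spam and is_spam:
            return False
        if self.known_users is not None and local not in self.known_users:
            return False
        return True


def relay(chain: List[MailServer], msg: Message, is_spam: bool = False) -> dict:
    """Walk a message through an MX chain (backup MX first, then primary).
    Returns who generated the DSN, if any: 'sending-server' means the
    remote MTA was refused at SMTP time and keeps that responsibility."""
    owner = None  # the hop that accepted the message and now owns it
    for hop in chain:
        if hop.smtp_accepts(msg, is_spam):
            owner = hop
            continue
        if owner is None:
            return {"delivered": False, "bounced_by": "sending-server",
                    "dsn_to": msg.mail_from}
        owner.bounces_sent.append(msg.mail_from)   # backscatter from our domain
        return {"delivered": False, "bounced_by": owner.name,
                "dsn_to": msg.mail_from}
    return {"delivered": True, "bounced_by": None, "dsn_to": None}


USERS = {"alice", "bob"}  # constructed list of real mailboxes


def naive_chain() -> List[MailServer]:
    """Backup MX accepts everything; only the primary filters and checks users."""
    return [MailServer("backup-mx", "example.com"),
            MailServer("primary-mx", "example.com", USERS, filters_spam=True)]


def hardened_chain() -> List[MailServer]:
    """Both frontline servers know the user list and run the same filtering."""
    return [MailServer("backup-mx", "example.com", USERS, filters_spam=True),
            MailServer("primary-mx", "example.com", USERS, filters_spam=True)]


def backscatter_count(chain_factory, n: int, victim: str) -> int:
    """Send n spams with a forged envelope sender to non-existent users and
    count how many DSNs our own servers emit to the forged address."""
    chain = chain_factory()
    for i in range(n):
        relay(chain, Message(victim, f"nonexistent{i}@example.com"), is_spam=True)
    return sum(len(hop.bounces_sent) for hop in chain)


if __name__ == "__main__":
    spam = Message("victim@example.net", "nobody@example.com")
    print("naive:   ", relay(naive_chain(), spam, is_spam=True))
    print("hardened:", relay(hardened_chain(), spam, is_spam=True))
    for label, factory in (("naive", naive_chain), ("hardened", hardened_chain)):
        print(label, "DSNs to victim:", backscatter_count(factory, 500, "victim@example.net"))
```

With the naive chain, every one of the 500 forged spams produces a DSN from `backup-mx` to the forged address; with both frontline servers rejecting at SMTP time, the count is zero and legitimate mail to a known user still passes through both chains.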

-- 
Bowie
