Recently in System News Category

Short version: My mailing list server no longer generates bounce messages for unknown accounts, thus eliminating the email backscatter is generates.

Longer version:

I have a host set up exclusively for running mailing lists using Mailman and battling spam has been quite a burden. I finally 'gave up' and made all the lists "member's only". Luckily that is possible with the email lists being run there. If I had any open mailing lists, I wouldn't have been so lucky. The result of this change was that it eliminated all spam and I was able to disable SpamAssassin and other measures put in place. SpamAssassin has been using more and more CPU time and was letting more and more spam through.

That was a few years ago.

However then the problem became Spam Backscatter. Spammers were sending to nearly every possible username in hopes of getting through. Each of these attempts resulted in a bounce message being sent to the (forged) email address the attempt claimed to come from. It got to the point where 99% of the email traffic on the machine were these bounces. The host was occasionally being blocked as punishment for generating so many bounces. Zero of these bounces were "real"... i.e. the bounce was going to an address that didn't actually send the original message and didn't care about the contents of the bounce message.

These unwanted bounce messages are called "Spam Backscatter".

My outgoing mail queue was literally filled with these bounce messages, being re-tried for weeks until Postfix would give up. I changed Postfix to delete them after a shorter amount of time, but the queue was still getting huge.

This weekend I updated the system's configuration so that it just plain doesn't generate bounces to unknown addresses on the machine. While this is something you absolutely shouldn't do for a general purpose email server (people mistyping the addresses of your users would get very confused) doing this on a highly specialized machine makes sense.

I can now proudly say that for the last 48 hours the configuration has worked well. The machine is no longer a source of backscatter pollution on the internet. The mail queue is empty. It's a shame my other mail servers can't benefit from this technique.

This website will be down sometime in the next 24 hours. I'm switching DNS registrars and I'm sure the transition will mean at least a temporary loss of service.

With just a month left for nominations, BigFix, Inc., is adding a new prize to the 2009 System Administrator of the Year contest - a progressive jackpot up to $5,000. This is a great time to nominate the sysadmin in your life that has saved the world a few times. (Or drop some hints to your boss, eh?)
Read more about it.

(By the way, I'm one of the judges for this contest.)

Comments were working on this blog but I wasn't getting email notifying me that they had been posted.  If I didn't respond to a comment you left, please drop me a note or post another comment.

Posting comments to this blog now works. It had been broken.

The problem was that the captcha protection was activated but the codes displaying them were not in the template. All fixed.

The problem had gone unnoticed because captchas weren't required for registered users (which I am one of). I've added this test-case for future server upgrades. Thanks to all that sent email about this. We wouldn't have noticed the problem without your help!