On Mon, Oct 13, 2008 at 5:08 PM, Michelle Konzack <
linux4michelle(_at_)tamay-dogan(_dot_)net> wrote:
Hello *,
since some days I am hit by several 10.000 backscatters (MAILER-DAEMON,
postmaser, noreply).
I like to know how you are dealing with it.
Since I am on GSM/Dialup, I am currently not more able to read my email
I use here to post...
Where is your mail hosted? You use gsm/dialup to download mail from a server
connected to the internet with a better connection? Is procmail the only
solution you're using?
I am thinking to send this crap back to the origination server with:
----[ STDIN ]-----------------------------------------------------------
:0c
* ^To:.*(linux4michelle|michelle\.konzack|ml4michelle)@(tamay-dogan.ne
* ^From:.*(MAILER-DAEMON|postmaster|noreply)
* ! ^From:.*pinguin-hosting\.de
* ! ^From:.*tamay-dogan\.net
* ! ^X-Loop:.*backscatter killer
{
:0fw
| tdbackscatter-pgsql --register
:0
* ^X-TDBackscatter-pgsql: HIT=true
{
VAR0=`formail -czx To:`
VAR1=`formail -I Return-Path: -I Sender: -r -t -czx To: |sed
's|.*@|@|'`
VAR2=`date --rfc-822 `
VAR3=`cat`
:0fw
| (formail -I "Return-Path:" -r -t \
-a "Message-ID:" \
-I "Return-Path: <>" \
-I "From: ${VAR1}" \
-I "To: abuse${VAR2}, postmaster${VAR2}" \
-I "Date: ${VAR3}" \
-I "User-Agent: tdtools-procmail v 2.0.0" \
-I "Mime-Version: 1.0" \
-I "Content-Type: text/plain; charset=us-ascii" \
-I "Content-Disposition: inline" \
-A "X-Loop: backscatter killer" ; \
echo "Hello backscatter sender." ; \
echo "" ; \
echo "You get this message since you have send me more then 5 of
them." ; \
echo "" ; \
echo "Because I have no customers, friends or such in your domain,
your" ; \
echo "Mailserver is definitively broken since it does respond to
Fake-Headers." ; \
echo "Do not spam me again with this shit..." ; \
echo "" ; \
echo "Otherwise you must calculate with a DoS on your Mailsystem." ;
\
echo "" ; \
echo "######################### Original Message Follows
#########################
echo "${VAR4}" |sed 's|^|> |g')
You're threatening to DoS? It's apparent you're frustrated, and that's
understandable, but it doesn't justify retaliation.
:0c
|sendmail -t
}
:0
.ATTENTION.FLT_backscatter/
}
------------------------------------------------------------------------
Good, this is currently working and it bombed out over 23.000 messages
today but I have over 35.000 waiting from the last weekend...
Any better ways to stop them sending out backscatters?
What have you tried instead? Are you using a whitelist? What's the role of
this email address you're receiving so much backscatter to? tbh, your
approach is very unprofessional.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail