This forum is closed to new posts and responses. Individual names altered for privacy purposes.
Two ways the router could be enhanced to reject backscatter
The Open Mic call had a number of questions about handling "backscatter" -- non-delivery reports that come from other servers on the Internet when a spammer has used the real e-mail address of one of your users as the apparent message sender.
One of the most promising approaches seemed to be a free third-party plug-in from Maysoft that it claims can reject 80-90% of backscatter while still allowing through genuine NDRs. The URL is: http://www.maysoft.com/bs
The Maysoft plug-in is described as examining the received NDRs to determine whether they are responding to messages genuinely sent out from this Domino server.
This raised a couple of questions for me:
* Does this approach still work where inbound and outbound mail pass through different servers?
* Could this functionality be built into the Domino router code?
The answer to the second has to be yes, and it seems there are two techniques that could distinguish genuine NDRs from backscatter.
One technique would be similar to ND8's capability to thread Internet mail "conversations". If the router can identify a received Internet message as being a response to an earlier message sent by a Notes user, then the same capability should be workable for NDRs. Of course this would depend on the original message still being available in the sender's mail file. And there's a potential performance impact from the receiving server having to search for the message in the apparent sender's mail file.
The other approach is (I assume) the one being used by Maysoft. This would just examine the SMTP headers and decide whether the message appears to have been generated by a real message from your domain. If the system generating the NDR has included the original message as a "message/rfc822" MIME part, then there is information here that can be checked for authenticity or correlated with sent messages.
Any thoughts from Lotus' developers on whether either approach might be considered as an option for the router and SMTP tasks in 8.5?
Rupert Clayton
Chicago
Feedback response number WEBB7EVL4E created by ~Anita Asafreezenoopsi on 05/22/2008
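The header-correlation idea from the post, sketched as an added example (not part of the original post, and not Maysoft's or Domino's code): it pulls the original message out of an NDR's "message/rfc822" (or "text/rfc822-headers") part and checks its Message-ID against IDs the outbound side recorded. The `SENT_IDS` store, the function names and the sample NDR are assumptions constructed for illustration.

```python
from email import message_from_string, policy

# Constructed sample: Message-IDs a hypothetical outbound log recorded as really sent.
SENT_IDS = {"<20080522.1001@mail.example.com>"}

# Constructed NDR; {msg_id} is the Message-ID of the embedded original message.
NDR_TEMPLATE = """\
From: MAILER-DAEMON@remote.example.net
To: user@example.com
Subject: Undeliverable mail
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery failed for nobody@remote.example.net.
--b1
Content-Type: message/rfc822

From: user@example.com
To: nobody@remote.example.net
Message-ID: {msg_id}
Subject: hello

body
--b1--
"""

def embedded_original(ndr):
    """Return the original message (or just its headers) carried in an NDR, else None."""
    for part in ndr.walk():
        ctype = part.get_content_type()
        payload = part.get_payload()
        if ctype == "message/rfc822" and isinstance(payload, list) and payload:
            return payload[0]
        if ctype == "text/rfc822-headers":
            return message_from_string(part.get_content(), policy=policy.default)
    return None

def classify_ndr(raw, sent_ids):
    """Classify an NDR as 'genuine', 'backscatter' or 'unverifiable'."""
    orig = embedded_original(message_from_string(raw, policy=policy.default))
    msg_id = orig["Message-ID"] if orig is not None else None
    if msg_id is None:
        return "unverifiable"
    return "genuine" if str(msg_id).strip() in sent_ids else "backscatter"
```

NDRs that carry no original message come back as "unverifiable", so a policy built on this still has to decide what to do with them.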