IIS 6.0 SMTP NDR SPAM Backscatter - iis-6

We have a IIS 6.0 server on AWS EC2 that is receiving emails and forwarding onto another IIS box, we are inadvertently sending NDR emails via the SMTP service to the forged From: header with the spam attached.
A few quick questions regarding IIS 6.0 SMTP
From reading we don't see a was to stop NDRs (this is by design to meet RFC requirements)
As we accept all emails sent to our address and process off line on a seperate machine can someone advise why NDR's are been delivered in the first place? Is there some other loophole they are using to force the SMTP server to generate Delayed and Non Delivery Reports?
Also can anyone recommend software that can stop this type of attack. e.g. Toriss, ORF from Vamsoft

You have to use SPF on the receiving machine so it does not accept mails with forged reverse-paths. There is no way to really fix the issue later in the mail server chain. (Note that the SMTP reverse path is not necessarily the same as the address in the From header, for example they always differ in list mails. If IIS does send bounce mails to the From address instead of the reverse-path then it is horribly broken.) If IIS does not know SPF, then you have to use a different mail server or an SMTP proxy.

Related

VB TCP Server with multiple clients

I have a simple TCP server and client working but can only communicate from client to server, i would like to know how to forward all incoming messages to all clients, when the client connects they would have to be stored, not sure how to do this, thanks in advance.
The code does not use Winsock control!
The examples are on the microsoft website, http://msdn.microsoft.com/en-us/library/w89fhyex(v=vs.110).aspx
Keep a list of Sockets in your application. Whenever a client connects add it to this list, and remove it when it disconnects. Whenever you receive a message just loop through this list and resend the message to each client, optionally ignoring the client that originally sent the message. I really can't get more specific without knowing exactly where you intend to take the design.

Changing the "From" address when integrating SendMail with Rails 3

I recently installed SendMail on my system to use for sending email from a Rails3 project. The installation went fine and I was sending emails in no time. The only problem is, when a user receives an email, the "From" address has a hostname of echo4.bluehornet.com
I followed a tip here and everything ran with no errors, but it did not change the results.
My guess is that my emails are being proxied through whatever SMTP server SendMail is configured to use. Is there any way around this? Can I configure things so that the "From" address shows up with the domain I want?
Thanks!
You'll need to configure sendmail to "masquerade" as a different host. It was the numerous times when I delved into the sendmail.cf (or sendmail.mc which you can compile to sendmail.cf) that I sought an alternative.
I decided for my purposes (typically acting as a relay server from an application to my main SMTP service), postfix is significantly easier to configure, and easier still is exim. Actually, I don't mean to throw anything except sendmail under the bus -- postfix is a full-featured email server, just about 50x easier to set up, especially for this kind of thing.
My best advice is to use Exim (or postfix, if it's installed already) to relay to a mail-sending service like SendGrid, which makes all of the headaches of mail sending go bye-bye. If you're using Amazon AWS, they have a new mail sending service as well.

Port 25 open / Postfix installed, but no mail being sent out

I've installed Postfix, opened port 25 (as well as ports 110, 995, 143, and 993) on my local computer connected to the Internet, but none of the e-mails that I am attempting to send out using the localhost:25 definition are being properly routed to their destination. Basically, I am trying to set up a local SMTP server to send out e-mails from my production website's software (also hosted on the same local computer).
I am using Verizon FIOS Internet service, who reportedly blocks port 25 (but actually does not in my case, as I have enabled it and checked that is in fact accessible from my external IP address). I have attempted to send the e-mail using no Smart Host, then using Verizon's SMTP server as a Smart Host, and finally using Verizon/Yahoo's SMTP server as a Smart Host, but none of them have worked.
What could be causing this issue?
I really appreciate any help on this problem, because I've been working to no success on it for the past three hours. Thank you all in advance!
absolutely, it's very common for large ISPs to block outbound connections on port 25 ~ they do this specifically to prevent what you are attempting. You should give them a call and verify if this is the case.
OR
See if you can configure your postfix to authenticate on your verizon mail account and relay your mail through that. [actually I did exactly this ~ I'll see if I can dig up the config]
-sean
UPDATE
here we go:
relayhost = [smtp.gmail.com]:587
smtpd_sasl_auth_enable = no
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
Sorry, I'm a little crunched on time, you'll have to dig up the docs for postfix relaying and how to setup the password maps [cause I don't recall offhand]
Hope his helps...
Have you setup MX record in DNS (reverse DNS must work properly) and the respective domain name (FDQN) in the smpt demon ?

Windows Server PHP mail being blocked by Comcast/AOL

I have a windows server running an application which sends mail via PHP. Some of the people who should be recieving the emails are complaining they are not getting them. I think they are using Comcast or AOL. What can I do to my SMTP settings and/or DNS to allow these to go through?
Investigate SPF (Sender Protection Framework) to increase the authenticity of your emails.

Internal SMTP relay

internally, our organization limits what servers and applications can send emails. I would like to be able to have scripts that could be run on any server send an email when done. Is it possible to install IIS SMTP on a single server and have that relay all mail the servers send to our standard relay servers? All the advice I see on the internet talks about configuring relays for outbound connectivity, but this would be for internal use only. the flow would be something like this, I believe
[any server] --> My SMTP relay --> corporate SMTP relay --> Internal Mail system
Is this doable? if so, any links on how to configure? I have nearly zero SMTP knowledge.
Doable, you should search for "SMARTHOST SMTP" in google. If your mail server limits relaying to specific HOSTS/IP address, you'll still need to add the new server to the relay list. Setup will be a little different depending on you mail server/version (Exchange, IIS SMTP).
SMART HOST for Exchange:
http://www.dnsexit.com/support/mailrelay/exchange/setup.htm
I have a similar setup to what you have described. You might want want to check if your SMTP server allows relaying for authenticated users, since this might allow you current script to send emails using a domain/email user account.