Loading ...
Sorry, an error occurred while loading the content.

Immediately bounce mails stuck to typosquatted domains

Expand Messages
  • Ram
    I have had many instances people typo their recipients email-domains and the typo domain does not accept mails Like for instance mail for user@yahoo.com is
    Message 1 of 9 , Aug 1, 2011
    • 0 Attachment
      I have had many instances people typo their recipients email-domains
      and the typo domain does not accept mails
      Like for instance mail for user@... is sent to user@...


      Mail to these domains ( Typosquatted ? ) get stuck in my queue until 4
      days when the mail is actually bounced after expiry.
      And I cannot decrease my expiry time.

      The original sender receives the NDR log very late and is not very happy
      that he wasnt informed of the typo earlier.
      ( The queue delay warning .. satisfies some of the requirement though )


      I have seen that usually a large number of the typosquatted (
      tahoo.com etc ) all go to the same ip addresses, usually to some "park"
      server , which does not accept mails at all.


      Can I configure postfix such a way that if mail is sent to these ip
      addresses , then bounce immediately.
      Or if the DNS is ns1.sedoparking.com etc


      Thanks
      Ram
    • Ralf Hildebrandt
      ... in transport_maps: tahoo.com error:Learn to type! -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin
      Message 2 of 9 , Aug 1, 2011
      • 0 Attachment
        * Ram <ram@...>:
        > I have had many instances people typo their recipients email-domains
        > and the typo domain does not accept mails
        > Like for instance mail for user@... is sent to user@...

        in transport_maps:

        tahoo.com error:Learn to type!

        --
        Ralf Hildebrandt
        Geschäftsbereich IT | Abteilung Netzwerk
        Charité - Universitätsmedizin Berlin
        Campus Benjamin Franklin
        Hindenburgdamm 30 | D-12203 Berlin
        Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
        ralf.hildebrandt@... | http://www.charite.de
      • Ramprasad
        ... That I have already , but there are so many such typos possible. Too much operations to maintain this list. Is there a way I can reject a mail based on
        Message 3 of 9 , Aug 1, 2011
        • 0 Attachment
          On Mon, 2011-08-01 at 11:52 +0200, Ralf Hildebrandt wrote:
          > * Ram <ram@...>:
          > > I have had many instances people typo their recipients email-domains
          > > and the typo domain does not accept mails
          > > Like for instance mail for user@... is sent to user@...
          >
          > in transport_maps:
          >
          > tahoo.com error:Learn to type!
          >
          That I have already , but there are so many such typos possible.
          Too much "operations" to maintain this list.


          Is there a way I can reject a mail based on recipient IP , just like I
          use DNSBL's for sender ip addresses


          Thanks
          Ram
        • Ralf Hildebrandt
          ... Stupidity in infinite, yes :) ... Yes! Try reject_check_recipient_mx_access type:table Search the specified access(5) database for the MX hosts for the
          Message 4 of 9 , Aug 1, 2011
          • 0 Attachment
            * Ramprasad <ram@...>:

            > That I have already , but there are so many such typos possible.

            Stupidity in infinite, yes :)

            > Is there a way I can reject a mail based on recipient IP , just like I
            > use DNSBL's for sender ip addresses

            Yes! Try

            reject_check_recipient_mx_access type:table

            Search the specified access(5) database for the MX hosts for the RCPT
            TO domain, and execute the corresponding action. Note: a result of
            "OK" is not allowed for safety reasons. Instead, use DUNNO in order to
            exclude specific hosts from blacklists. This feature is available in
            Postfix 2.1 and later.

            --
            Ralf Hildebrandt
            Geschäftsbereich IT | Abteilung Netzwerk
            Charité - Universitätsmedizin Berlin
            Campus Benjamin Franklin
            Hindenburgdamm 30 | D-12203 Berlin
            Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
            ralf.hildebrandt@... | http://www.charite.de
          • Benny Pedersen
            ... Resolved tahoo.com to 184.154.126.182 tahoo.com has no MX records
            Message 5 of 9 , Aug 1, 2011
            • 0 Attachment
              On Mon, 1 Aug 2011 11:52:54 +0200, Ralf Hildebrandt wrote:
              > * Ram <ram@...>:
              >> I have had many instances people typo their recipients
              >> email-domains
              >> and the typo domain does not accept mails
              >> Like for instance mail for user@... is sent to user@...
              >
              > in transport_maps:
              >
              > tahoo.com error:Learn to type!


              Resolved tahoo.com to 184.154.126.182
              tahoo.com has no MX records
            • Reindl Harald
              ... you should ADD to your transports the typo-domain with transport error:Learn to type! , after that NOTHING is resolved, your user is rejected with this
              Message 6 of 9 , Aug 1, 2011
              • 0 Attachment
                Am 01.08.2011 14:28, schrieb Benny Pedersen:
                > On Mon, 1 Aug 2011 11:52:54 +0200, Ralf Hildebrandt wrote:
                >> * Ram <ram@...>:
                >>> I have had many instances people typo their recipients email-domains
                >>> and the typo domain does not accept mails
                >>> Like for instance mail for user@... is sent to user@...
                >>
                >> in transport_maps:
                >>
                >> tahoo.com error:Learn to type!
                >
                >
                > Resolved tahoo.com to 184.154.126.182
                > tahoo.com has no MX records

                you should ADD to your transports the typo-domain with transport
                "error:Learn to type!", after that NOTHING is resolved, your user
                is rejected with this message while sending
              • Ralf Hildebrandt
                ... The A record counts as MX record in absence of MX records. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin
                Message 7 of 9 , Aug 1, 2011
                • 0 Attachment
                  * Benny Pedersen <me@...>:
                  > On Mon, 1 Aug 2011 11:52:54 +0200, Ralf Hildebrandt wrote:
                  > >* Ram <ram@...>:
                  > >>I have had many instances people typo their recipients
                  > >>email-domains
                  > >>and the typo domain does not accept mails
                  > >>Like for instance mail for user@... is sent to user@...
                  > >
                  > >in transport_maps:
                  > >
                  > >tahoo.com error:Learn to type!
                  >
                  >
                  > Resolved tahoo.com to 184.154.126.182
                  > tahoo.com has no MX records

                  The A record counts as MX record in absence of MX records.
                  --
                  Ralf Hildebrandt
                  Geschäftsbereich IT | Abteilung Netzwerk
                  Charité - Universitätsmedizin Berlin
                  Campus Benjamin Franklin
                  Hindenburgdamm 30 | D-12203 Berlin
                  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
                  ralf.hildebrandt@... | http://www.charite.de
                • Ramprasad
                  ... I am not able to get any documentation or example of reject_check_recipient_mx_access Can you please tell me how this is done
                  Message 8 of 9 , Aug 4, 2011
                  • 0 Attachment
                    On Mon, 2011-08-01 at 13:08 +0200, Ralf Hildebrandt wrote:
                    > * Ramprasad <ram@...>:
                    >
                    > > That I have already , but there are so many such typos possible.
                    >
                    > Stupidity in infinite, yes :)
                    >
                    > > Is there a way I can reject a mail based on recipient IP , just like I
                    > > use DNSBL's for sender ip addresses
                    >
                    > Yes! Try
                    >
                    > reject_check_recipient_mx_access type:table



                    I am not able to get any documentation or example of
                    reject_check_recipient_mx_access

                    Can you please tell me how this is done
                  • Ralf Hildebrandt
                    ... Look for check_recipient_mx_access type:table -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus
                    Message 9 of 9 , Aug 4, 2011
                    • 0 Attachment
                      * Ramprasad <ram@...>:

                      > > Yes! Try
                      > >
                      > > reject_check_recipient_mx_access type:table
                      >
                      >
                      >
                      > I am not able to get any documentation or example of
                      > reject_check_recipient_mx_access
                      >
                      > Can you please tell me how this is done

                      Look for check_recipient_mx_access type:table

                      --
                      Ralf Hildebrandt
                      Geschäftsbereich IT | Abteilung Netzwerk
                      Charité - Universitätsmedizin Berlin
                      Campus Benjamin Franklin
                      Hindenburgdamm 30 | D-12203 Berlin
                      Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
                      ralf.hildebrandt@... | http://www.charite.de
                    Your message has been successfully submitted and would be delivered to recipients shortly.