Qmail Doublebounceto (Spam protection)

This is where members can submit tutorials that they have created on any computing related subject.
Post Reply
User avatar
steampunk
Hacker in Training
Posts: 70
Joined: Wed Nov 17, 2004 10:35 am
Location: right behind you!

Qmail Doublebounceto (Spam protection)

Post by steampunk » Sun Feb 11, 2007 5:04 pm

*This tutorial applies to Red Hat servers using Qmail through Xinetd*

Sometimes spammers will try sending hundreds, maybe thousands, of e-mails to your domain account using a random username each time in the hopes that eventually one will work. Unfortunately, these e-mails have bogus return addresses, so the sender and recipient bounce them back and forth forever, creating endless lag on your server and a hefty queue to clear out every day.

In this case you should create a "doublebounceto" file.

Before you do this, however, make sure you stop qmail and xinetd:
service qmail stop
service xinetd stop

Then check the qmail queue to make sure that no additional mail will be sent and subsequently bounced back. I use qmHandle for this (if you don't have qmHandle, GET IT):

/var/qmail/bin/qmHandle -l (This will show you the local queue)
/var/qmail/bin/qmHandle -D (This will delete everything in your queue)

Now navigate to the /var/qmail/control/ directory and add the doublebounceto file:

cd /var/qmail/control/
vi doublebounceto

Add this and save:
| > /dev/null

Now start qmail and xinetd again:
service qmail start
service xinetd start

From netstat (netstat -nalp), you can see that they are still sending those e-mails, but they're basically just hitting the server and bouncing into a blackhole.

(As a precaution, I also added the | > /dev/null string to the .qmail-default files in /var/qmail/mailnames/domainname/)
"The world cannot live at the level of its great men." -Mamoru Oshii

Post Reply