homepage Welcome to WebmasterWorld Guest from 54.226.225.215
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
return path vs bounce-back address ?!
sending email from another domain
adrianTNT




msg:4337393
 2:50 pm on Jul 9, 2011 (gmt 0)

Hello.

In the PHP mail function there is an "-f" parameter that is "return path", is this the address that a bounce back is sent to?

Let's see if I can ask this without making it sound complicated...

I have two servers, one is main-domain and one is email-helper, the email-helper domain sends email for main-domain, if I send from email-helper domain and forge sender as noreply@main-domain then any bounce backs will go to main domain and filling the email queue on mail server that didn't actually send anything, correct?

Will receiver servers have a problem if I send from email-helper with forged "from" noreply@main-domain and return path to noreply@email-helper will this be correct?

(And that probably means I have to set spf records on main-domain to designate mail-helper as allowed sender).

Thank for any help.

 

dstiles




msg:4337514
 9:28 pm on Jul 9, 2011 (gmt 0)

Return-Path should be set by the mail server but some mail servers do not set it, which is "illegal". I've never seen returnpath used on my mail servers.

Check out RFC 2821 at rfc-ref.org for more details...

"The primary purpose of the Return-path is to designate the address to which messages indicating non-delivery or other mail system failures are to be sent"

adrianTNT




msg:4338196
 11:48 pm on Jul 11, 2011 (gmt 0)

OK.
I have another question...

With initial setup, the server did not reply on port 25 with:
telnet server.address.tld 25

I understand that with this setup server cannot receive* emails but does it have any problem with sending emails while not responding on port 25? Will this affect how my server responds to checks coming from receivers like @yahoo ?
Apparently the emails are delivered.

dstiles




msg:4338684
 9:31 pm on Jul 12, 2011 (gmt 0)

I very seldom use telnet so can't asnwer that directly.

Not sure how you can send emails through your server without it having a port 25 open, unless there is some direct linkup behind the scenes.

Some mail servers will receive from your mail server without there being an active public port 25 but a few ill-mannered ones use "callback" to determine if it's a true mail server. Hopefully callback is on the wane - I haven't had much problem from it recently. You should also be aware of greylisting possibilities if sending to public-facing mail servers: yahoo is always delaying receipt of incoming emails ("our users receive next to no spam - we just send it!").

In order to connect to/from any external mail server such as yahoo you need the correct MX setup.

Check this with intodns.com - should show correct MX setup.

Check with abuse.net - this will tell you if you have any open relays, how the server reacts to spam attempts etc (for best results you need to provide an email address, preferebly one you are not testing for).

I missed one point in your original posting - spf. This is only necessary if you send serious amounts of mail, and even then not mandatory. I use neither spf nor the other systems used by yahoo etc. One of the reasons why not is a major maintenance effort when you have a lot of individual domains using a common server (which web servers often have); other reasons are that it is possible to kill a dns server and mail server if an evil user wants to; and that in any case it does not prevent spam - ask anyone with a mail server that receives from yahoo, hotmail, gmail, aol... the reason being that the spam is sent legitimately from those servers so spf etc is naturally correct. :(

adrianTNT




msg:4338711
 10:36 pm on Jul 12, 2011 (gmt 0)

About being able to send emails but not respond on port 25, it had a config line to only accept connections from locahosts, I removed that line and then it responded when testing from my local computer.

I do send many emails, around 50 000 in average per day. Maybe you have some more tips ?!

In my queue the most bounces status is "Connection timed out" or "Host not found", when I enter them in browser I usually get parked domains so I think these errors are not a problem. And about gray-listing, only around 2% of bounces mentions it.

If this server is set as a subdomain like micro1.site.com.
- Where do I need to define MX records? On parent domain DNS settings or inside this server's DNS settings?
- I defined a TXT record with SPF in it and the online checking tools cannot find a SPF record even after 24 hours.
- Should I ignore SPF settings? And if this one is not very important, then the others (DKIM, etc) are less important, right ?!

Hoople




msg:4339008
 3:28 pm on Jul 13, 2011 (gmt 0)

It could be that this server is configured to only accept mail on port 587 and not port 25. Confirm it with telnet :-)

adrianTNT




msg:4339059
 4:40 pm on Jul 13, 2011 (gmt 0)

587 and others are closed, 25 was open for this purpose. Seems to work ok now but I am afraid now is exposed to delivery failure spam.
Since there is no address that needs to receive* messages on that server maybe it was best to leave that blocked (and only receive messages from local hosts).

So many things to configure :(

dstiles




msg:4339230
 9:31 pm on Jul 13, 2011 (gmt 0)

At 50,000/day you really need a proper mail server that can cope properly with bounces, greylists etc.

For each "host not found" you MUST remove all addresses with that domain from your next mailing. Failure to do that WILL get you blocked in one or more blacklists, either private or public. Lesser failures ("no such user" must result in you removing the address from your mailing list.

"Connection timed out" may be resolved, at least in part, by using a full mail server, which should retry x times at y intervals. If the error persists then remove the address.

2% of bounces is a lot of bounces. It comes under the paragraph above: retry x times at y intervals and discard if it still fails.

You need to define MX records (and a suitable A record) in DNS. Without an MX that has a valid rDNS entry for a mail server you will be rejected by any "real" mail server that checks for such things (most serious ones do). If you do not know how to do this then it's time to read up on mail servers.

As I said, I do not believe in spf. But if you use it then the mail server must generate spf (or domainkeys or whatever) for every email sent. I would not rate dkim lower than spf.

"Delivery failure spam" - if you mean bounce records then that is not spam. You must deal with it as outlined above. If you are only sending mail and not receiving and dealing with bounces then you will get banned from serious mail servers.

I am not convinced a php mail server is a good idea, at least not in itself. I send mail from web sites to a real mail server using an intermediary function to format the message (for me this is ASP feeding MailEnable or hMail on IIS).

Use the abuse.net service I listed earlier. If you fail any one of those tests you are in trouble and could easily end up as a blocked spam relay!

I really think you should read a primer on mail servers plus a full manual for a good mail server. Managing mail is by no means easy.

adrianTNT




msg:4339242
 9:52 pm on Jul 13, 2011 (gmt 0)

I meant just 2% of bounces mention "grey" somewhere in status, I think overall bounce rate is lower than 2%.

I will try to find a way to identify the failures and remove them, it appears to be best solution and maybe mark that user and do not e-mail him 2 months or so if I get an error from his mail server. Hopefully that will help.

MX records, I think I defined them properly in main domain now, SPF record is found too by yahoo and gmail.

At abuse.net they say they have no data about that email/domain.

About the delivery failure spam, I mean that situation ... hopefully I remember it correctly...
A spammer sends an email to my server but intentionally mistypes my email (17-user@my_site.com instead of user@my_site.com) and my server then replies with a delivery failure and spamming the forged sender address with the included spammy original message attached. This is a common problem, right?
--

On this server sendmail is installed, but I don't know that much about it, I assume it handles the legitimate bounces by default?
If I just specify a "-nnoreply@site.com" in php mail function then that is where bounce backs are sent, will sendmail know what to do? Will it know when to retry and where to send?

dstiles




msg:4339733
 10:22 pm on Jul 14, 2011 (gmt 0)

A 2% bounce rate must be dealt with, especially on the volume you are talking about (I am assuming the targets have all agreed to you sending them mail - if not there is your first hurdle: unsolicited mail is illegal in many countries and unwelcome in all).

You should never get a real bounce message on a simple greylisting. A proper mail server will retry often enough to get through it (usually a few minutes) and if it finally fails THEN you will get a bounce.

If an email bounces as undeliverable then remove the address permanently or contact the person and ask why.

If abuse.net cannot find your mail server you have a serious problem OR have given them an incorrect domain/subdomain. Check your setup with intodns.com

If spammers attempt to send mail to you (and they will if it's a properly set up mail server) then do NOT bounce mail back to them. It is almost certain that the source email address is invalid and if it's mine I WILL take action. To run a proper mail server that sends YOU mail you need to consider the application of public blacklists such as spamhaus, baracuda, spamcop and others. You also need to consider various spam filters: a lot of spam comes from broadband sources, which can be trapped by blacklists like spamhaus, but a lot comes from semi-legitimate (eg web servers) and legitmate (eg yahoo) mail servers.

You should only allow mail into your system for a specific set of addresses (do not use sales or info as they are default spam addresses!). You MUST have both postmaster@domain AND abuse@domain - these are "legal" requirements for any domain/subdomain that handles mail. Without those you are likely to be at least partially blacklisted. Other addresses you use are entirely up to you but I recommend limiting them to only a handful. "Catchall" addresses (anything@domain) are asking for trouble.

You really must do some work on this problem. Mail servers need to be set up properly or they will fail in some way, sometimes causing you serious anti-spam reactions elsewhere. If you do not know how the mail server treats bounces, greylists etc you must find out.

Search for sendmail on (eg) bing and read the manuals both for sendmail and for mail applications and management in general.

adrianTNT




msg:4339740
 10:37 pm on Jul 14, 2011 (gmt 0)

The emails are users that are subscribed to new files uploaded on this site. And there are around 160 000 registered members.
So there is no chance to contact users one by one in case of failures, unless I make a script to process the bounces.

I am not sure what abuse.net is looking for, it does show postmaster@my_domain but it says "(default, no info)".
---
We have no information for this domain in the database. Lacking any better address, we suggest sending mail to postmaster at this domain and all super-domains of this domain.
---

dstiles




msg:4340195
 10:42 pm on Jul 15, 2011 (gmt 0)

From that I would read that the mail server does not have a public identity. If it does not, it will fail in many cases.

My advice is to run up a second mail server on a different network (and, obviously, different IP) and work on getting them to talk to each other.

adrianTNT




msg:4340197
 10:53 pm on Jul 15, 2011 (gmt 0)

I will experiment with more servers, so far I tried 3 configurations with minimal editing from my end. I track the click rate of links inside the messages and click rate is around 2.6% (insignificant difference between servers) from over 100 000 sent messages. I assume it it ok, I am not sure, considering that some users are subscribed for over 4 years.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved