none
Prevent backscatter with Default SMTP Service on Windows Server 2003

    Question

  • We have a Windows 2003 Server that runs the default SMTP service to provide email support to some of our clients.  We have noticed a problem with backscatter and are wondering how we can configure our server to stop it.

    We are aware of the recipient filtering solution in Exchange, but that doesn't seem to be an option in the SMTP service configuration area.

    Does anyone know how to enable recipient filtering with the default SMTP service on Windows Server 2003 (not with Exchange) or know of another way to prevent backscatter?

    Tuesday, May 03, 2011 3:30 PM

All replies

  • Don't know what you mean by "backscatter",...or what you mean by "recpient filtering".
    Thursday, May 05, 2011 6:36 PM
  • Backscatter is defined by email blacklists as occurring when an email server auto-responds to a faked email address.  So, a spammer sends a bunch of spam to our server to email addresses that no longer exist.  By default, the email server sends an auto-response to the "reply" email that the destination email doesn't exist and it can't deliver the email.  The problem is that if the spammer uses a faked email address (or worse, a real address for an unsuspecting person), that email address receives the auto-response even if they didn't send the original email.  Some email blacklists will list you if your server is configured to auto-respond like this.  The solution is to only auto-respond if the sending address is known locally (i.e., you actually host email for that person) and block auto-responses if the sender is not.  This is basically recipient filtering.

     

    This is easy to do with Exchange, but I can't find a way to do this in the default SMTP service provide on Server 2003.

    Friday, May 06, 2011 3:18 PM
  • Ah! Yes.  I've always called that NDR Spamming.

    I don't see anything like that in it to deal with that other than limit the IP's it will allow an connection from,..and limit it to those "known" Clients,...then it would refuse the connection from other IPs.   Properties-->Access-->Connection-->"Only the List below--->add the IP Subnets the Clients are comming from.

    Other than that the IIS/SMTP just may not be a suitable tool for what you are doing.

    Friday, May 06, 2011 10:32 PM
  • Thanks for the response.  Unfortunately, I can't limit the IP's that can send mail to my clients.  I realize the interface doesn't have any options for this, but I was hoping there might be some kind of a registry fix or something along those lines that would direct the SMTP service to do this.  But, maybe we're out of luck there too.
    Friday, May 06, 2011 10:40 PM
  • If you use this only to send to clients then it should not have from the Internet to it (inbound),...it should only have outbound access.  That alone would solve the problem.
    Saturday, May 07, 2011 1:44 AM
  • Our clients have to be able to send and receive emails through it.  It is their standard email service. 
    Monday, May 09, 2011 2:37 PM