
Date:  Thu, 25 Jun 2009 21:26:39 +0200
From:  Michael Stauber <bq (at mark) solarspeed.net>
Subject:  [coba-e:15729] Re: Spam report...
To:  coba-e (at mark) bluequartz.org
Message-Id:  <200906252126.39587.bq (at mark) solarspeed.net>
In-Reply-To:  <4A434E19.8000609 (at mark) planetcentral.net>
References:  <4A434E19.8000609 (at mark) planetcentral.net>
X-Mail-Count: 15729

Hi Paul,

> "Your server may be being used for a reverse NDR (Non-Delivery Report)
> attack without your knowledge. We recommend that your server is set to
> reject e-mails on attempted delivery, rather than accepting the email
> and then producing the NDR".
>
> Does anyone know a way of doing this?? I am currently running
> mailscanner and spam assassin.

MailScanner can (but should not!) be configured to reject (i.e.: bounce) SPAM. 
That's pretty bad behaviour, because if the sender address is forged (they 
usually are), then your server bounces the SPAM to the uninvolved third party 
who was unlucky enough to have his email address used in the sender field of 
your SPAM.

First step should be to check your MailScanner config file to see if you're 
using that broken feature. Don't remember exactly what that switch is called, 
but it's labeled "reject" or "bounce" or something like that. Set it to off.

Now MailScanner is still (always has been) a somewhat poor and very hackish 
choice for mail filtering. For the above reason and others.

The only serious (and non-harmful to others) things you can do with it are 
accept SPAM marked as such (and weep silently), or silently discard detected 
SPAM.

Something proper (like a milter-based solution) could reject detected SPAM at 
the MTA level. This doesn't create a bounce - instead the sender gets the door 
slammed in his face *while* sending. Instead of a bounce it creates a sending 
error for the person that attempts the delivery. That's smooth as it comes and 
doesn't cause any collateral damage.

-- 
With best regards,

Michael Stauber
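
The difference between bouncing after acceptance and rejecting during the SMTP session, as an added example that is not part of the original message. It is a toy SMTP state machine, not MailScanner, sendmail or a milter; the addresses, reply texts and the `looks_like_spam` check are constructed assumptions.

```python
# Constructed sample session: spam whose envelope sender is forged to an
# uninvolved third party. Host names and addresses are hypothetical.
FORGED_SENDER = "victim@thirdparty.example"
SPAM_SESSION = [
    "HELO spammer.example",
    f"MAIL FROM:<{FORGED_SENDER}>",
    "RCPT TO:<paul@myserver.example>",
    "DATA",
    "Subject: cheap pills\r\n\r\nBUY NOW",   # message content (one item for brevity)
]

def looks_like_spam(message):
    """Hypothetical stand-in for the real filter verdict."""
    return "BUY NOW" in message

def run_session(lines, reject_in_session):
    """Return (replies, outbound): the server's SMTP replies, and the
    messages the server would itself send later as a result."""
    replies = ["220 myserver.example ESMTP"]
    outbound, sender, in_data = [], None, False
    for line in lines:
        if in_data:                       # this item is the message content
            in_data = False
            if not looks_like_spam(line):
                replies.append("250 2.0.0 Message accepted")
            elif reject_in_session:
                # Refused at end of DATA: the connecting client sees the
                # error and the server never owns the message.
                replies.append("550 5.7.1 Message rejected as spam")
            else:
                # Accepted first, bounced later: the NDR is a new message
                # from the null sender to whatever MAIL FROM claimed.
                replies.append("250 2.0.0 Message accepted")
                outbound.append({"from": "<>", "to": sender,
                                 "subject": "Undeliverable mail"})
        elif line.upper().startswith("MAIL FROM:"):
            sender = line[10:].strip().strip("<>")
            replies.append("250 2.1.0 Sender ok")
        elif line.upper() == "DATA":
            in_data = True
            replies.append("354 End data with <CR><LF>.<CR><LF>")
        else:                             # HELO, RCPT TO and the rest
            replies.append("250 OK")
    return replies, outbound

if __name__ == "__main__":
    for policy in (False, True):
        replies, outbound = run_session(SPAM_SESSION, reject_in_session=policy)
        print("reject_in_session =", policy, "|", replies[-1], "|", outbound)
```
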