Environment
GWAVA4 (all builds)
Situation
Preventing backscatter (mailer-daemon and postmaster spam)
Resolution
Backscatter, is a term commonly associated with spam coming through the filters disguised as mailer-daemon@<domain>.com or postmaster@<domain>.com The emails usually appear to be undeliverable email from a mail relay.
FIX:
We need to set up GWAVA to block the postmaster and mailer-daemon addresses.
In your GWAVA Management Console - browse to your "Source address filter (from:)" option
Add both "postmaster@*" and "mailer-daemon@*" to the list (seen below.) You can choose to block and quarantine, or just block the unwanted postmaster and mailer-daemon emails.
After you have added the source address blocks, we want to set up some exceptions so that valid undeliverable messages still get delivered. If we don't have those exceptions, all mailer-daemon and postmaster e-mail addresses would be blocked. An IP address exception in GWAVA will allow the messages generated by your GWIA to be delivered.
To make an IP address exception go to the exception folder and select "Message header." Add both the public and private IP address of your Groupwise Internet Agent (GWIA) to your message header exceptions (e.g. 10.1.1.122 -- private and 197.120.9.21 -- public).
Make sure you check only the source addresses "mailer-daemon@*" and "postmaster@*" checkboxes (seen below) for the private and public IP addresses.
By following these steps you will prevent the backscatter email from being delivered to your inbox.
FIX:
We need to set up GWAVA to block the postmaster and mailer-daemon addresses.
In your GWAVA Management Console - browse to your "Source address filter (from:)" option
Add both "postmaster@*" and "mailer-daemon@*" to the list (seen below.) You can choose to block and quarantine, or just block the unwanted postmaster and mailer-daemon emails.
After you have added the source address blocks, we want to set up some exceptions so that valid undeliverable messages still get delivered. If we don't have those exceptions, all mailer-daemon and postmaster e-mail addresses would be blocked. An IP address exception in GWAVA will allow the messages generated by your GWIA to be delivered.
To make an IP address exception go to the exception folder and select "Message header." Add both the public and private IP address of your Groupwise Internet Agent (GWIA) to your message header exceptions (e.g. 10.1.1.122 -- private and 197.120.9.21 -- public).
Make sure you check only the source addresses "mailer-daemon@*" and "postmaster@*" checkboxes (seen below) for the private and public IP addresses.
By following these steps you will prevent the backscatter email from being delivered to your inbox.
Additional Information
This article was originally published in the GWAVA knowledgebase as article ID 247