User Tools

Site Tools


hints:mail_forwarding

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
hints:mail_forwarding [2021/02/07 22:53]
admin [Backscatter caused by forwarded spam]
hints:mail_forwarding [2021/03/08 09:41] (current)
admin [Mail forwarding causes backscatter]
Line 10: Line 10:
 Whichever mail forwarding method you use from below, always test. Send yourself mail from some outside service and check to make sure it got forwarded as expected. This will help prevent silent loss of mail, where mail gets accidentally forwarded into oblivion, or even to the wrong person. Whichever mail forwarding method you use from below, always test. Send yourself mail from some outside service and check to make sure it got forwarded as expected. This will help prevent silent loss of mail, where mail gets accidentally forwarded into oblivion, or even to the wrong person.
  
-====== Backscatter caused by forwarded spam ====== 
  
-When you forward mail, unless you use procmail, spam will be forwarded. The receiving site may reject the spam, causing the forwarded mail to bounce back to the original sender. If the sender address was forged, this will cause the bounce to go to some innocent party. This type of bounce is called [[hints:backscatter]]. Excessive backscatter from our servers may cause us to be added to block lists, causing **all** mail originating from the server fail. 
- 
-For this reason, if you receive any noticeable amount of spam to an email addresses, you should forward mail arriving for that email address only by using procmail, and using our [[hints:example_procmailrc_file_forwarding|example .procmailrc file for mail forwarding]] to block most spam from being forwarded. 
- 
-In the [[:Classic Linux]] environment, if you use the **mailq** command and find any significant amount of queued mail that seems to be to you or from you, quite likely this is backscatter being generated by mail forwarding that you are doing. 
 ===== Mail forwarding with a .forward file ===== ===== Mail forwarding with a .forward file =====
- 
-**Forwarding mail with a .forward file will forward spam.** 
  
 You can create a **.forward** file in your home directory. Incoming mail for your primary Linux login (**USER@rahul.net**  in Classic Linux, or **USER@jade-new.rahul.net** in DirectAdmin) will be automatically forwarded to any address(es) found in the .forward file. These addresses can be on a single line in the .forward file, separated by commas, or one per line without commas.  These are examples of syntactically valid .forward files: You can create a **.forward** file in your home directory. Incoming mail for your primary Linux login (**USER@rahul.net**  in Classic Linux, or **USER@jade-new.rahul.net** in DirectAdmin) will be automatically forwarded to any address(es) found in the .forward file. These addresses can be on a single line in the .forward file, separated by commas, or one per line without commas.  These are examples of syntactically valid .forward files:
Line 37: Line 29:
  
 ==== Mail forwarding with a .forward file and keeping a copy ==== ==== Mail forwarding with a .forward file and keeping a copy ====
- 
-**Forwarding mail with a .forward file will forward spam.** 
  
 To forward but also deliver into your normal mailbox, include your Linux login name as a forwarding recipient, but prepend a backslash to it. Examples are below. USER stands for your own Linux login name. To forward but also deliver into your normal mailbox, include your Linux login name as a forwarding recipient, but prepend a backslash to it. Examples are below. USER stands for your own Linux login name.
Line 62: Line 52:
   * [[hints:procmail_classic_linux|Procmail mail filtering in Classic Linux]]   * [[hints:procmail_classic_linux|Procmail mail filtering in Classic Linux]]
   * [[hints:procmail_directadmin|Procmail mail filtering in DirectAdmin]]   * [[hints:procmail_directadmin|Procmail mail filtering in DirectAdmin]]
-  * [[hints:example_procmailrc_file|Hint: example .procmailrc file]]+  * [[hints:example_procmailrc_file|Example generic .procmailrc file]]
  
 ===== Mail forwarding from within your control panel ===== ===== Mail forwarding from within your control panel =====
- 
-**Forwarding mail from within your control panel will forward spam.** 
  
 You can set up mail forwarding from within your [[:Virtualmin]] or [[:DirectAdmin]] control panel. You can set up mail forwarding from within your [[:Virtualmin]] or [[:DirectAdmin]] control panel.
Line 73: Line 61:
 ====== Mail forwarding problems ====== ====== Mail forwarding problems ======
  
-Mail forwarding problems are commonThey are almost always caused by anti-spam techniques DNS records called SPF, DKIM, and DMARC are used by sites to specify how mail originating from their domains should be handled. These DNS records let mail receiving sites identify forged sender addresses.+Mail forwarding causes two possible problems. These problems and possible solutions are discussed below. 
 + 
 +===== Mail forwarding causes some mail to be silently lost ===== 
 + 
 +DNS records called SPF, DKIM, and DMARC are used by sites to specify how mail originating from their domains should be handled. These DNS records let mail receiving sites identify forged sender addresses. 
 + 
 +When you set up mail forwarding, mail will be received by our servers and then forwarded to the mail forwarding destination. 
 + 
 +The receiving site will notice that mail that originated elsewhere is coming from our servers. Depending on the SPF, DKMI, and DMARC records, this may cause the receiving site to consider the mail as unauthorized and therefore spam. The receiving site will refile the forwarded mail as spam, or reject it temporarily thus slowing its delivery, or even reject it permanently so it bounces back. 
 + 
 +If the sender was human, they will see the bounce and know that mail did not get delivered. A properly run mailing list will keep track of bounces and let you find out how much mail to you has bounced in the past. 
 + 
 +But if the sender is a poorly administered site, such as a typical bank, stock fund, or online retailer, they will discard the bounce and make no effort to notify you. 
 + 
 +The mail that they sent you is therefore silently lost. You will never know that it was sent and that it was lost. 
 + 
 +===== Mail forwarding causes backscatter ===== 
 + 
 +Almost all incoming mail includes some amount of spam. Our servers typically reject about 80–85% of all incoming mail because it is diagnosed with high confidence as spam. The 15–20% that is permitted to reach you includes some fraction that is likely spam. Mail forwarding as enabled within the Virtualmin or DirectAdmin control panel, or as enabled using a '' .forward '' file, will include some small amount of spam. 
 + 
 +If the site that receives this forwarded mail detects spam and rejects it, that will become a delayed bounce that our servers will try to return to the original sender. But in most spam, the sender is forged. The bounce will therefore go to some innocent person. This is called [[backscatter]]. Excessive amounts of backscatter may be treated as a type of spam coming from our servers. This may cause our servers to be added to various black lists, causing outgoing mail from our servers to be blocked, and thus causing inconvenience to all users. 
 + 
 +In the [[:Classic Linux]] environment, if you use the **mailq** command and find any significant amount of queued mail that seems to be to you or from you, quite likely this is backscatter being generated by mail forwarding that you are doing. 
 +====== Mail forwarding solutions ====== 
 + 
 +There are a number of possible solutions. 
 + 
 +===== Discarding bounced spam automatically =====
  
-When you set up mail forwarding, mail will be received by our servers and then re-transmitted to the destination of the mail forwarding entrySo mail that originated elsewhere will appear to be coming from our server.+Our servers try to detect bounced spam and discard it. This works if the rejection message from the receiving site appears to indicate that the site rejected the message because it was diagnosed as spamThis type of bounce is then simply discarded, and does not become backscatter.
  
-Depending on the handling specified by SPF, DKIM, and DMARC records for the domain that appears in the sender address in forwarded mail, a receiving site might refile forwarded mail as spam, reject it temporarily thus slowing its delivery, or reject it so it bounces back.  If the sender was humanthey will see the bounce and know that mail did not get delivered. A properly run mailing list will keep track of bounces and let you find out how much mail to you has bounced in the past.+If a receiving site rejects mail as spam but our system doesn't recognize the error messagethen it will try to return the bounce to the original sender, and the message will then become backscatter.
  
-But if the sender is a poorly administered site, such as a typical bank, stock fund, or online retailer, they will discard the bounce and make no effort to notify you. You will never know that the mail never reached you.+===== Having the receiving site pull mail from your mailbox =====
  
-We highly recommend exercising caution when forwarding mail, and not forwarding important mail at all.+A second solution is to have the receiving site pull mail from your mailbox directlyso you don't have to forward it. Many email sites will fetch your mail from our servers via POP, if you give them your login information. Only **if** you trust such a site with your login name and password, then this mechanism is preferable to normal mail forwardingThen:
  
-But there is another solutionSee below.+  * Your mail will be safely fetched regardless of a sending domain's SPF, DKIM, and DMARC records. 
 +  * Mail fetched in this manner will not become bounced backscatter.
  
-====== Mail forwarding solution ======+===== Combination solutions =====
  
-Many email sites give you an alternate mechanism. They will fetch your mail from our servers via POP or IMAP, if you give them your login informationOnly **if** you trust such a site with your login name and password, then this mechanism is preferable to normal mail forwarding. It does not suffer from the spam problemYour mail will be safely fetched regardless of a sending domain's spam policies.+One slight disadvantage to having a receiving site pull mail from your mailbox is that there may be a slight delay, of a few minutes, before incoming mail reaches the destination siteA good combination solution is to use **procmail** to forward mail, while not forwarding spamThis makes your mail reach the forwarded destination immediately. Any mail not forwarded because it might be spam is then pulled from your mailbox by the destination site within a few minutesAlmost all mail will be directly forwarded, and any that is not will be pulled via POP. Forwarding with procmail is discussed earlier in this document.
hints/mail_forwarding.1612767195.txt.gz · Last modified: 2021/02/07 22:53 by admin