----- Original Message -----
From: "Charles Marcus" <[EMAIL PROTECTED]>
To: "John Heim" <[EMAIL PROTECTED]>
Cc: "Postfix users" <postfix-users@postfix.org>
Sent: Thursday, August 14, 2008 11:06 AM
Subject: Re: mail aliases & spam
On 8/14/2008 11:54 AM, John Heim wrote:
Get it? Somebody tries to spam [EMAIL PROTECTED] and user12 has his
mail forwarded to his gmail account. Gmail detects the spam, rejects the
message and my mta then generates a bounce back to the original forged
from address.
I don't see anything in the backscatter howto about this. I believe my
machine is properly configured to not generate normal (for lack of a
better term) backscatter. I mean, it doesn't bounce incoming spam. But
this is almost like spam coming from inside my own system.
This is one of the problems with auto-forwarders and auto-responders.
It looks to me like the main problem is why so much actual spam is
getting through to your users - what anti-spam measures do you take?
Exactly! Except that the reason our anti-spam measures are ineffective is
that the addresses are aliased. We have 2 MTAs running postfix with
pre-queue spam filters and then a delivery machine running postfix,
spamassassin, & dovecot. The pre-queue spam filter gets about 50% of
incoming spam. Of course, that means that about 50% gets through. On the
destination machine, we call spamc via a procmail rule. That would normally
filter almost all the rest into the user's "spam" folder. But the problem is
that procmail is never run if the address has an alias.
The delivery machine has much stricter spam settings than the MTAs. But I am
worried about false positives on the MTAs. If athere is a false positive on
the destination machine, it's just put into the user's spam folder. On the
MTAs, it's rejected.
