mouss wrote:
Diego Ledesma wrote:
Hello.
Our mail server (running postfix 2.3.8, 15+ users) is reciving more
and more
spam every week. Right now we are reciving almost 10K spam messages
per day
(last week it was 5K), most of them are send to two accounts which,
unfortunately for now, cannot be deleted.
Our postifix configuration does not have any restrictions, i mean no
message
is rejected and amavis is configured to only add a spam tag to the
subject.
I was considering on enabling rbl restrictions.
My question is, as messages in rbl lists are rejected (is this right??),
wouldn't this make me a source of backscatter?.
No, reject != bounce.
when your postfix rejects a transaction, it issues an smtp error code.
it is the sending MTA that will generate a bounce to the sender, but
this is not your problem.
by the "sending MTA", I meant the one that connects to your postfix. if
this server is under your control, it will generate backscatter. in
short, you can only reject mail at the edge of your network (when one of
your servers receives it from a network with no relationship with you).
here is something to start with
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_invalid_helo_hostname
reject_unlisted_recipient
reject_unlisted_sender
#reject_non_fqdn_helo_hostname
reject_rbl_client zen.spamhaus.org
reject_non_fqdn_helo_hostname is effective (it rejects about 15% here),
but it may block mail from misconfigured sites. it is up to you to use
it or not.
