On 13/01/2009, at 15:32, Jim Wright <j...@wrightthisway.com> wrote:
David, you've sent so many messages and replies that quoting
anything at this point is just wasting bandwidth. I'm going to jump
in with a few notes on what I've read here:
First, you are fixating on the wrong problem. If you have bounces
that are queued up, this is because you are accepting mail that you
cannot deliver. THAT is the problem that needs to be fixed.
Bounces are bad if you are generating them AFTER you have accepted
email. Reject such mails as they are being sent to your server.
The postfix docs are your friend, read up on this.
You implied that you have postmaster/webmaster accounts but that
these are not accepting mail? This is wrong, these addresses should
be reachable for legitimate email. Tackle this issue after you've
fixed the above. At one point you indicated that these are being
sent from users on your domain, more likely these are spoofed
addresses, you need to use some method to authenticate users before
they can send, accept certain IP ranges, local networks,
authenticated SMTP users, etc. Everyone else should be blocked from
sending.
You claimed that the bounces are for mails that you never sent, and
were forged. Is your system an open relay? Is it accepting mail
from systems that it shouldn't be? You will want to take a look at
who is using your mail server, and only authorized users/systems are
able to send mail via your mail server.
Tackle these issues, concentrate on one issue at a time. Review the
logs of mail as it arrives at your server, test repeatedly. Out of
the box, postfix is incredibly stable and secure, but with the wrong
settings this can be undone. Finally, if you still need help, run
the command 'postconf -n', and post the output unfiltered to the
list. That will tell what non-standard settings you are using,
which will likely shed clues to why you are having problems.
Hi Jim,
I found the issue. It's backscatter mail to real recipient addresses.
At first I was getting non existent as well but stopped those.
I have to employ header and body checks.
Okay my question is I have multiple domains not just one like in the
code example 'porcupine' given.
How do I code that?
Do I need to string a ton load of domain names or can you use a
wildcard to match any domain?
If I could trouble for a snip of code I can apply it and let you know.
It's a live server and I don't want to experiment code when I am not
sure how to write it.
Thanks again!
