Charles Sprickman via Postfix-users:
> Hi all,
>
> This is a really basic question, and this should probably be
> obvious, but I've been seeing spam/phishing come through that looks
> like this:
>
> From MAILER-DAEMON Tue Dec 02 13:31:02 2025
> Return-Path: <>
> Delivered-To: [email protected] (an anonymized valid address,
> also postfix is fronting qmail here)
>
> [...]
>
> Is the short answer that this is valid because if we didn't accept
> empty "mail from:" (envelope from), we'd never be accepting
> legitimate bounce/error messages?
The null sender address is used for legitimate auto-generated
messages such as non-delivery notifications, message disposition
notifications, out-of-office, and so on. You would lose that if you
reject bounces.
To reject false bounces you would need deeper inspection that what
is built into Postfix.
It may be built into Gmail because they are drinking from a firehose
and can do analyses that would not be possible with a small-site
mail server.
Many forms of abuse can be stopped with a reputation service like
spamhaus.org which is free for small sites. It can be used with
smtpd_mumble_restrictions, or better, with Postfix's postscreen.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
