On Mon, 16 Nov 2009 13:07:05 -0700 Jim Lang <post...@guscreek.com> wrote:
> John Peach wrote: > > On Mon, 16 Nov 2009 13:00:26 -0700 > > Jim Lang <post...@guscreek.com> wrote: > > > > > >> Wietse Venema wrote: > >> > >>> Jim Lang: > >>> > >>> > >>>> OK here is the scenario. > >>>> > >>>> Spammer sends mail to: u...@myclientsdomain.com from forged > >>>> address vic...@randomdomain.com > >>>> > >>>> If u...@myclientsdomain.com is delivered locally, not a problem, > >>>> if the address is invalid, postix rejects the mail during the > >>>> smtp connection. > >>>> > >>>> But if u...@myclientsdomain.com is an alias to > >>>> mycli...@otherserver.com, postfix accepts the mail as deliverable > >>>> and forwards it to hotmail.com. > >>>> > >>>> But if mycli...@otherserver.com can for whatever reason not be > >>>> delivered, otherserver.com does what it is supposed to do and > >>>> rejects the mail during the smtp connection, which causes postfix > >>>> to send out a non-delivery report to vic...@randomdomain.com -- > >>>> backscatter. > >>>> > >>>> Is there a way to stop this? > >>>> > >>>> > >>> Yes. Don't forward SPAM. > >>> > >>> Wietse > >>> > >>> > >> And how do I do that in this scenario? > >> > > > > You use recipient verification. > > > > > I must have been really inarticulate when I wrote out the scenario. > I do use recipient verification on my server. How is it that that is > not clear? Do I need to rewrite this post? > Clearly, you are *NOT* doing recipient verification, or myotherserver.com would not be rejecting it. Never accept mail which cannot be delivered. -- John
