Re: backscatter

Mon, 23 Nov 2009 14:14:58 -0800 

Noel Jones wrote:

On 11/23/2009 3:25 PM, K bharathan wrote:



On Mon, Nov 23, 2009 at 8:02 PM, /dev/rob0 <r...@gmx.co.uk
<mailto:r...@gmx.co.uk>> wrote:

    On Mon, Nov 23, 2009 at 03:51:33PM +0100, Robert Schetterer wrote:
     > > the server got a list of  domains (those domains mail servers
    use this
     > > server as relayhost)to relay out and does only smtp out; what
    could be
     > > wrong in the above config; appreciate ur assistance upon this
     >

     > thats the reason, guess your relay clients get lots of i.e 
spam/virus
     > mail,perhaps they bounce after allready got the mail for 
nonexistent

     > domains/mailaccounts etc ( do they have catch alls, buggy virus

    Indeed, if you relay backscatter, you can expect to be listed as a
    backscatterer! That's pretty simple. Don't do it. Get the clients to
    fix their problems. In the meantime a check_sender_access lookup
    will stop the abuse:
    <>    HOLD
    and you can check mailq(1) periodically; release any that look like
    legitimate bounces, and deal with the others as may be appropriate.
    "man postsuper" for information.
    --
        Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header

i tried putting <>   HOLD in allowed domains (mydomain map) but it
doesn't work and result in 'relay access denied'; how can i put this and
check ?



That needs to go in a check_sender_access map.  Something like:
# main.cf
smtpd_sender_restrictions =
  check_sender_access hash:/etc/postfix/hold_bounce

# /etc/postfix/hold_bounce
<> HOLD


I expect there will be thousands of these.  You don't (usually) get on a 
backscatter blacklist for sending just a few bounces.



The real solution is to get the incoming gateways to stop accepting 
stuff that will be bounced.  If the incoming gateways are not under your 
control, stop accepting mail from them.


  -- Noel Jones



That's where his 'mydomains' maps are, but I'm still very confused.

> smtpd_sender_restrictions =
>    check_sender_access hash:/etc/postfix/mydomains
>    check_recipient_access hash:/etc/postfix/allowed_forwards
>    reject_unauth_destination

Did you include both,

  example.com     OK
  <>                HOLD


in the access map? The first is necessary to avoid that 
reject_unauth_destination.





















					Reply via email to