On 2010-02-14 David Koski wrote: > On Tuesday 19 January 2010, Ansgar Wiechers wrote: >> On 2010-01-18 David Koski wrote: >>> My mail server has been getting a fair amount of spam hits that have >>> been rejected but the sender address is spoofed with the recipient's >>> address. This generates an NDR to the recipient with the spam. I >>> would like to suppress NDRs of this kind but not legitimate NDRs. >> >> What I'm doing is this: >> >> - store a hash of From:, To: and Date: header of all outgoing mail >> - accept all bounces that include From:, To: and Date: headers whose >> hash matches a stored hash >> - remove stored hashes older than 4 days >> >> This method does lead to rejection of valid bounces that don't include >> the above mentioned headers. However, I consider those bounces useless >> anyway. > > How about something more simple: test for From: is the same as To: and > is from MAILER-DAEMON: > > grep "^From:.*<da...@kosmosisland.com>" "$test" \ > && grep "Return-Path:.*<MAILER-DAEMON>" "$test" \ > && grep "^To:.*<da...@kosmosisland.com>" "$test" > > ..where "$test" is the email file to scan.
You (your users) might lose valid bounces that way. > But can this be done with Postfix? Not with Postfix itself, but it's doable with a proxy_filter and probably also with a policy daemon. I'd recommend against implementing it, though, because of the abovementioned reason. Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
