On Fri, 2010-02-19 at 23:39 -0800, David Koski wrote: > On Monday 15 February 2010, Ansgar Wiechers wrote: > > On 2010-02-14 David Koski wrote: > > > On Tuesday 19 January 2010, Ansgar Wiechers wrote: > > >> On 2010-01-18 David Koski wrote: > > >>> My mail server has been getting a fair amount of spam hits that have > > >>> been rejected but the sender address is spoofed with the recipient's > > >>> address. This generates an NDR to the recipient with the spam. I > > >>> would like to suppress NDRs of this kind but not legitimate NDRs. > > >> > > >> What I'm doing is this: > > >> > > >> - store a hash of From:, To: and Date: header of all outgoing mail > > >> - accept all bounces that include From:, To: and Date: headers whose > > >> hash matches a stored hash > > >> - remove stored hashes older than 4 days > > >> > > >> This method does lead to rejection of valid bounces that don't include > > >> the above mentioned headers. However, I consider those bounces useless > > >> anyway. > > > > > > How about something more simple: test for From: is the same as To: and > > > is from MAILER-DAEMON: > > > > > > grep "^From:.*<da...@kosmosisland.com>" "$test" \ > > > && grep "Return-Path:.*<MAILER-DAEMON>" "$test" \ > > > && grep "^To:.*<da...@kosmosisland.com>" "$test" > > > > > > ..where "$test" is the email file to scan. > > > > You (your users) might lose valid bounces that way. > > I would only loose bounces that were from and to me, right? That is no big > deal. > > Regards, > David Koski > da...@kosmosisland.com > > > > But can this be done with Postfix? > > > > Not with Postfix itself, but it's doable with a proxy_filter and > > probably also with a policy daemon. I'd recommend against implementing > > it, though, because of the abovementioned reason. > > > > Regards > > Ansgar Wiechers > > Is there a policy daemon for Postfix that will plug something like this in?
http://en.wikipedia.org/wiki/Bounce_Address_Tag_Validation That is sign it on the way out, verify it on the way back?
