Hello, I seem to be losing the fight against backscatter email; one of our users is getting tons of backscatter spam a day. I'm using Postfix mail_version 2.7.0 + amavisd (SpamAssassin) on a FreeBSD machine. Please help!

# cat header_checks
/^Content-Type: multipart\/report; report-type=delivery-status\;/ REJECT no third-party DSNs
/^Content-Type: message\/delivery-status; / REJECT no third-party DSNs

# Also in /etc/mail/spamassassin/local.cf
# fighting backscatter spam
whitelist_bounce_relays mail.domain.com

postconf -n

# postconf -n
alias_database = hash:/usr/local/etc/postfix/aliases
alternate_config_directories = /usr/local/etc/postfix-out
anvil_rate_time_unit = 20s
biff = no
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
header_checks = regexp:/usr/local/etc/postfix/header_checks
html_directory = no
in_flow_delay = 1s
local_recipient_maps = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 50000
mydestination = domin1.com, domin2.com, domin3.com, domin4.com, domin8.com
myhostname = localhost.domain.com
mynetworks = 127.0.0.0/8,
myorigin = domain1.com
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtpd_banner = localhost.domain1.com
smtpd_error_sleep_time = 0
unknown_local_recipient_reject_code = 550

Here is a copy of the spam:

From: [email protected] [mailto:[email protected]]
Sent: Monday, April 05, 2010 5:18 PM
To: Apple Up-To-Date
Subject: DELIVERY FAILURE: User itoutmbox.jaring.mydewidlahajai ([email protected]) not listed in Domino Directory

Your message

  Subject: 727.900 Apple App-Store Notice

was not delivered to:

  [email protected]

because:

  User itoutmbox.jaring.mydewidlahajai ([email protected]) not listed in Domino Directory

Second spam:

From: Mail Delivery Subsystem [mailto:[email protected]]
Sent: Tuesday, April 13, 2010 4:54 AM
To: [email protected]
Subject: Delivery Status Notification (Failure)

Delivery to the following recipient failed permanently:

  [email protected]

Technical details of permanent failure:
Internal Message-ID collision

----- Original message -----

Received: by 10.142.196.7 with SMTP id t7mr2417975wff.151.1271159616338;
        Tue, 13 Apr 2010 04:53:36 -0700 (PDT)
Return-Path: <[email protected]>
Received: from localhost ([210.112.121.12])
        by mx.google.com with SMTP id 14si5418385pzk.68.2010.04.13.04.53.31;
        Tue, 13 Apr 2010 04:53:35 -0700 (PDT)
Received-SPF: neutral (google.com: 210.112.121.12 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=210.112.121.12;
Authentication-Results: mx.google.com; spf=neutral (google.com: 210.112.121.12 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
Date: Tue, 13 Apr 2010 20:50:10 +0300
From: "Apple Up-To-Date" <[email protected]>
To: <[email protected]>
Message-ID: <[email protected]>
Subject: 95-577 Apple App-Store Notify
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
