Hi,
I am new to postfix, so sorry for any inconvenience by questions, which
may have been discussed already. I did google for my problem first, though.
I recently migrated an internet server including mail services for a
small group of users from linux to Mac OSX server (not my idea). On
linux I used to run the MTA with exim, so I have some familiarity with
MTA in general, but not with postfix. The postfix on the Mac OSX server
is so far more or less what you can do with the server admin (meaning
Apple defaults, basically).
Here comes the question/problem: I noticed a considerable number of
wicked spam, which seems to work like this: It puts a valid existing
local user not only in the To: but also in the From: header. The spam
gets filtered alright by spamassassin, and then it bounces, but it
doesn't bounce to the actual real originator, but to the local user. So
in this way the spammer manages to deliver the spam to the addressee,
although it is filtered by spamassassin, abusing the bounce concept. I
searched the internet about disabling bounce messages, and came across a
post, where Wietse Venema wrote, that he will not allow "over his dead
body" disabling bouncing. Now, maybe I misunderstand something here, and
my problem and the quoted post do not relate to the same kind of
bounces. It seems to me, that this type of bounce is highly undesirable,
so how to avoid it?
In my exim setup I silently sent all suspicious mail (virus infected or
spam) to a special account, where it would get deleted automatically
after one month. I kept it there in case some user complained about not
receiving a specific mail. I did not generate bounce mails, and did not
reject delivery. Basically, I want to do the same now.
kind regards,
Marcus
PS: output of postconf -n:
bash-3.2# postconf -n
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
header_checks = pcre:/etc/postfix/custom_header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mail_owner = _postfix
mailbox_size_limit = 0
mailbox_transport = dovecot
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 104857600
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = s44.at
mydomain_fallback = localhost
myhostname = server.s44.at
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = _postdrop
smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname reject_non_fqdn_helo_hostname
smtpd_pw_server_security_options = cram-md5,gssapi,plain,login
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/policy permit
smtpd_sasl_auth_enable = yes
smtpd_tls_CAfile = /etc/certificates/server.s44.at.4EF6136BE9E4DFBF0724E064F5B5FB3DD9856EC2.chain.pem
smtpd_tls_cert_file = /etc/certificates/server.s44.at.4EF6136BE9E4DFBF0724E064F5B5FB3DD9856EC2.cert.pem
smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL
smtpd_tls_key_file = /etc/certificates/server.s44.at.4EF6136BE9E4DFBF0724E064F5B5FB3DD9856EC2.key.pem
smtpd_tls_loglevel = 0
smtpd_use_pw_server = yes
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_domains = $virtual_alias_maps hash:/etc/postfix/virtual_domains
virtual_alias_maps = hash:/etc/postfix/virtual_users
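
The pattern described in the message above can be measured from the Postfix mail log. The following is an added example, not part of the original post: it correlates log lines by queue ID and reports mail whose envelope sender (the address a bounce is returned to) equals one of its own recipients in the local domain, and which arrived without SASL authentication from outside mynetworks. The log lines and the address alice@s44.at are constructed, and the function name is hypothetical.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample log lines in Postfix's syslog format (not from the original post).
SAMPLE_LOG = """\
Jan 10 09:00:01 server postfix/smtpd[411]: 3F2A11C0: client=unknown[203.0.113.7]
Jan 10 09:00:01 server postfix/qmgr[200]: 3F2A11C0: from=<alice@s44.at>, size=2210, nrcpt=1 (queue active)
Jan 10 09:00:02 server postfix/smtp[415]: 3F2A11C0: to=<alice@s44.at>, relay=127.0.0.1[127.0.0.1]:10024, delay=1, dsn=5.7.0, status=bounced (554 5.7.0 Reject - spam)
Jan 10 09:05:10 server postfix/smtpd[420]: 4B7C22D1: client=laptop.example.net[198.51.100.9], sasl_method=PLAIN, sasl_username=alice
Jan 10 09:05:10 server postfix/qmgr[200]: 4B7C22D1: from=<alice@s44.at>, size=900, nrcpt=1 (queue active)
Jan 10 09:05:11 server postfix/smtp[421]: 4B7C22D1: to=<alice@s44.at>, relay=127.0.0.1[127.0.0.1]:10024, delay=1, dsn=2.0.0, status=sent (250 ok)
Jan 10 09:07:30 server postfix/smtpd[430]: 5D9E33F2: client=mx.example.org[192.0.2.25]
Jan 10 09:07:30 server postfix/qmgr[200]: 5D9E33F2: from=<bob@example.org>, size=1500, nrcpt=1 (queue active)
Jan 10 09:07:31 server postfix/smtp[431]: 5D9E33F2: to=<alice@s44.at>, relay=127.0.0.1[127.0.0.1]:10024, delay=1, dsn=2.0.0, status=sent (250 ok)
"""

# Assumes the default short (hexadecimal) queue IDs; NOQUEUE lines are ignored.
LINE = re.compile(r"postfix/\w+\[\d+\]: ([0-9A-F]{6,}): (.*)")
FIELD = re.compile(r"\b(client|from|to|sasl_username|status)=(?:<([^>]*)>|([^,\s]+))")

def self_addressed_forgeries(log, local_domain, mynetworks):
    """Return {queue_id: info} for unauthenticated external mail whose envelope
    sender equals one of its recipients in local_domain."""
    nets = [ip_network(n) for n in mynetworks]
    msgs = defaultdict(lambda: {"to": set()})
    for line in log.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        qid, rest = m.groups()
        for key, angle, bare in FIELD.findall(rest):
            value = (angle or bare).lower()
            if key == "to":
                msgs[qid]["to"].add(value)      # a message may have several recipients
            else:
                msgs[qid][key] = value
    hits = {}
    for qid, info in msgs.items():
        sender = info.get("from", "")
        ip = re.search(r"\[([^\]]+)\]", info.get("client", ""))
        trusted = "sasl_username" in info or (
            ip and any(ip_address(ip.group(1)) in n for n in nets))
        if sender.endswith("@" + local_domain) and sender in info["to"] and not trusted:
            hits[qid] = {"sender": sender, "client": info.get("client"), "status": info.get("status")}
    return hits
```

Called as self_addressed_forgeries(SAMPLE_LOG, "s44.at", ["127.0.0.0/8"]), it reports only the first constructed message; the authenticated submission and the ordinary inbound mail are not flagged.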