Hi, Wietse. Thanks for the speedy reply. I'm a big fan of Postfix, so first of all, thank you for developing such a great product. I cringe thinking about the days when I used to have to run Sendmail (shudder).
Ok... so let me see if I understand what is happening on my server.

1) SpamCo forges a message from innoc...@victim.com and sends it to mya...@familyname.com

2) My server (familyname.com) accepts the message because mya...@familyname is a valid recipient that appears in my virtual aliases file, then forwards the message (based on the info in that virtual aliases file) to my aunt's actual email address of auntiemildredloveskitt...@cox.net

3) Cox.net rejects the mail because it's SPAM and sends it back to the spoofed "sender": innoc...@victim.com, basically saying "your message to mya...@familyname.com was rejected because of xyz reason"

4) innoc...@victim.com's mail server receives the rejection from the ISP and then reports the IP of familyname.com as a backscatterer.

Question 1) Is that an accurate representation of what is probably happening?

Question 2) Isn't the ISP in step 3 truly responsible for the backscatter? I was an innocent "middleman" and my Postfix did what it was supposed to do: forwarded a message sent to a valid address on my system.

Question 3) Why can't my Aunt rely on her ISP's SPAM filters in step 3? I'm just trying to be a friendly family member and provide everyone a "permanent" email address of theirn...@familyname.com. I don't want to administer a SPAM filter on my server and deal with everyone's complaints about false positives. I want to set up my mail server so that it rejects the most obviously misconfigured senders, but I'd prefer to leave SPAM filtering up to the individual family members. My dad, for example, has his alias forwarded to a gmail account, which is a great spam filter for his needs.

Question 4) Any suggestions for an elegant solution? I want to be a responsible mail server admin, but I also don't want to simply tell everyone in my family that I can no longer forward their @familyname.com mail to the accounts of their choice - many of them have relied on these email addresses since I got the domain in 1996.
Thanks in advance,
Steve

-----Original Message-----
From: Wietse Venema [mailto:wie...@porcupine.org]
Sent: Friday, October 15, 2010 12:13 PM
To: Steve Jenkins
Cc: Postfix users
Subject: Re: Fighting Backscatter

Steve Jenkins:
> There are a few entries in there that seem to match the "<>" bill, but I'm
> not sure I'm understanding what they're saying, or even what I should be
> looking for to troubleshoot.
>
> For some background, this is my personal server that I run my family's mail
> on. There are a few local IMAP/POP accounts for my immediate family members
> (they are also allowed to relay mail using SMTP-AUTH), but most of the valid
> destination addresses on this box are virtual aliases that forward
> "firstn...@familyname.com" to everyone's respective gmail, aol, cox.net
> addresses, etc.

If you forward spam, then it will be rejected, and that is when Postfix
starts sending spam back to innocent people.

        Wietse
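
Added example, not part of the original thread and not written by either poster: one way to find the "<>" log entries that correspond to a forwarded message being refused downstream and the resulting notification leaving the server. It assumes the usual Postfix syslog layout with short hexadecimal queue IDs; the domains, addresses and log lines are constructed for illustration.

```python
import re

LOCAL_DOMAINS = {"familyname.example"}  # assumption: domains hosted on this server

# Constructed Postfix-style log lines (not taken from the thread).
SAMPLE_LOG = """\
Oct 15 12:00:01 mx postfix/qmgr[811]: A1B2C3D4E5: from=<innocent@victim.example>, size=2048, nrcpt=1 (queue active)
Oct 15 12:00:02 mx postfix/smtp[900]: A1B2C3D4E5: to=<aunt@isp.example>, orig_to=<aunt@familyname.example>, relay=mx.isp.example[192.0.2.10]:25, delay=1, status=bounced (host mx.isp.example[192.0.2.10] said: 550 5.7.1 Message rejected as spam (in reply to end of DATA command))
Oct 15 12:00:02 mx postfix/bounce[901]: A1B2C3D4E5: sender non-delivery notification: F6E5D4C3B2
Oct 15 12:00:02 mx postfix/qmgr[811]: F6E5D4C3B2: from=<>, size=4096, nrcpt=1 (queue active)
Oct 15 12:00:03 mx postfix/smtp[902]: F6E5D4C3B2: to=<innocent@victim.example>, relay=mx.victim.example[198.51.100.7]:25, delay=1, status=sent (250 2.0.0 Ok)
Oct 15 12:05:00 mx postfix/qmgr[811]: 0011223344: from=<dad@familyname.example>, size=900, nrcpt=1 (queue active)
Oct 15 12:05:01 mx postfix/smtp[903]: 0011223344: to=<friend@other.example>, relay=mx.other.example[203.0.113.5]:25, delay=1, status=sent (250 2.0.0 Ok)
"""

LINE = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-F]+): (.*)")
TO = re.compile(r"\bto=<([^>]*)>")          # \b keeps this from matching orig_to=
ORIG_TO = re.compile(r"orig_to=<([^>]*)>")
NOTICE = re.compile(r"sender non-delivery notification: ([0-9A-F]+)")

def domain(addr):
    return addr.rpartition("@")[2].lower()

def find_backscatter(log_text):
    """Return notifications sent off-site after a forwarded alias was refused."""
    bounced, notices, findings = {}, {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        to, orig = TO.search(rest), ORIG_TO.search(rest)
        if daemon == "smtp" and "status=bounced" in rest and to and orig:
            # A local alias (orig_to) was rewritten and the remote host refused it.
            if domain(orig.group(1)) in LOCAL_DOMAINS:
                bounced[qid] = (orig.group(1), to.group(1))
        elif daemon == "bounce":
            # Links the refused message to the queue ID of the new "<>" notification.
            n = NOTICE.search(rest)
            if n and qid in bounced:
                notices[n.group(1)] = qid
        elif daemon == "smtp" and qid in notices and to:
            # The notification is delivered to the (possibly forged) envelope sender.
            if domain(to.group(1)) not in LOCAL_DOMAINS:
                alias, target = bounced[notices[qid]]
                findings.append({"alias": alias, "forward_target": target,
                                 "backscatter_to": to.group(1), "bounce_qid": qid})
    return findings
```

Each finding pairs one forwarded alias with the outside address that received the notification, which is the set of log entries to review when the server shows up on a backscatter list.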