Backscatter Email

Wed, 13 Jul 2011 10:04:51 -0700 

Hi All, can anyone advise on how to effectively fight backscatter email.
Below a typical header of the tons of backscatter email users get a day

Return-Path: <MAILER-DAEMON>
X-Original-To: u...@domain.tld
Delivered-To: u...@domain.tld
Received: from host.domain.tld (unknown [xxx.xxx.xxx.xx])
        by mail.domain.tld (Postfix) with ESMTP id 3A23B8A037;
        Wed, 13 Jul 2011 07:13:39 -0700 (PDT)
Received: from host.domain.tld (localhost [127.0.0.1])
        by host.domain.tld (Postfix) with ESMTP id ED8D5958D5
        for <u...@domain.tld>; Wed, 13 Jul 2011 07:13:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at domain.tld
X-Spam-Flag: NO
X-Spam-Score: 4.137
X-Spam-Level: ****
X-Spam-Status: No, score=4.137 tagged_above=-999 required=6.31
        tests=[BAYES_50=1.8, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001,
URIBL_BLACK=1.725, URIBL_PH_SURBL=0.61] autolearn=no
Received: from host.domain.tld ([127.0.0.1])
        by host.domain.tld (host.domain.tld [127.0.0.1]) (amavisd-new, port
10024)
        with ESMTP id 72CZSuHVXXm4 for <u...@domain.tld>;
        Wed, 13 Jul 2011 07:13:41 -0700 (PDT)
Received: from ucmx01.uzuncase.com (66-193-162-90.static.twtelecom.net
[66.193.162.90])
        by host.domain.tld (Postfix) with ESMTP id AF131958C7
        for <u...@domain.tld>; Wed, 13 Jul 2011 07:13:41 -0700 (PDT)
Received: from ucmail.UZUN_CASE_NT.COM ([192.168.13.6])
        by ucmx01.uzuncase.com (8.13.8/8.13.8) with ESMTP id p6DEDcKT009597
        for <u...@domain.tld>; Wed, 13 Jul 2011 10:13:38 -0400
Received: from ucmail.UZUN_CASE_NT.COM ([192.168.13.5]
helo=ucmail.UZUN_CASE_NT.COM)
        by ASSP.nospam; 13 Jul 2011 10:13:38 -0400
From: postmas...@uzuncase.com
To: u...@domain.tld
Date: Wed, 13 Jul 2011 10:13:48 -0400
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
        boundary="9B095B5ADSN=_01CC411EFEA41132000001C0ucmail.UZUN_CASE"
X-DSNContext: 335a7efd - 4523 - 00000001 - 80040546
Message-ID: yA67JYZWL0000000a@ucmail.UZUN_CASE_NT.COM
Subject: Delivery Status Notification (Failure)
X-Assp-Re-Red: Content-Type: multipart/report

I know this is Postfix list but here is my Amavisd-new 
$sa_tag_level_deflt  = -999;  # add spam info headers if at, or above that
level
$sa_tag2_level_deflt = 6.11;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31;  # triggers spam evasive actions (e.g. blocks
mail)
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent

$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid
From

Any suggestions are welcome, thanks in Advance. 
-Motty

Reply via email to