I have also noticed an increase of "bad connections" to my server.
Fortunately, very few get past postscreen - I heartily recommend its use. Allen C On 28/03/17 22:00, Daniele Nicolodi wrote: > Hello, > > this is not strictly Postfix related, but I don't know how to get in > contact with a similar crowd of experienced folks. Please direct me to a > more suitable mailing list, it one exist. > > In the last two weeks I've seen an upsurge of the rate to which spam > messages are delivered to my domain inboxes. Nothing is changed in my > quite standard configuration, thus I guess that spammers found a way to > circumvent the basic protections I have in place. Did anyone notice > something similar? What are the possible countermeasures? > > I use Postfix with this simple configuration: > > header_checks = pcre:/etc/postfix/header_checks.pcre > smtpd_helo_required = yes > smtpd_delay_reject = yes > disable_vrfy_command = yes > smtpd_recipient_restrictions = > permit_sasl_authenticated > reject_invalid_hostname > reject_non_fqdn_hostname > reject_non_fqdn_sender > reject_non_fqdn_recipient > reject_unknown_sender_domain > reject_unknown_recipient_domain > permit_mynetworks > reject_unauth_destination > permit_dnswl_client list.dnswl.org > reject_rbl_client zen.spamhaus.org > reject_rbl_client b.barracudacentral.org > reject_rbl_client dul.dnsbl.sorbs.net > reject_rhsbl_reverse_client dbl.spamhaus.org > reject_rhsbl_sender dbl.spamhaus.org > reject_rhsbl_helo dbl.spamhaus.org > permit > > with header_checks.pcre containing: > > /^X-Delivered-To: .*@grinta\.net$/ REJECT Mail forwarding loop detected > /^(Delivered-To: .*@grinta\.net)$/ REPLACE X-$1 > /^X-Spam-Status: Yes/ REJECT Looks like spam > > and SpamAssassin as a SMTP proxy filter via spampd. > > Thanks for any comment. > > Best, > Daniele >
