On 10/30/2017 2:52 PM, J Doe wrote: > Hi, > > One of my mail servers (Postfix 3.1.0), is configured to perform virtual > domain hosting. It forwards mail to the virtual domain to mailboxes of users > on Gmail. > > I can see in my mail log that spam with forged origin addresses sometimes > comes into my server that is addressed to virtual domain addresses. My > server rejects some of this spam and then generates a non-delivery e-mail to > the origin address of the spam. Of course, as some of those addresses are > forged, my server is producing backscatter.
Your mail server must have a list of valid recipients and reject mail to unknown recipients. Where to list the valid recipients depends on how the domain is defined in postfix. Most of what you need can be found in http://www.postfix.org/ADDRESS_CLASS_README.html Avoid any wild-card domain rewrites since those disable recipient validation. If your mail server does after-queue spam scanning, it MUST NOT generate a bounce for unwanted mail. Either tag-and-deliver mail or scan during SMTP so you can reject (not bounce) unwanted mail. -- Noel Jones
