Rafael Azevedo: > Hi Kevin, > I think this might be related to a customized content filter after queue > that we have. > How should the content filter answer in case we don't want to accept the > message neither for bounces or to the delivery queue? > Huge thanks!
Options: - Run it as a before-queue filter (using smtpd_proxy_filter, see http://www.postfix.org/SMTPD_PROXY_README.html). - Run it as a before-queue filter (using the Milter API, see http://www.postfix.org/MILTER_README.html). There are several systems that can be used this way (spamassassin, amavis, to name a few). - Otherwise, quarantine, or file to spam folder (perhaps add a "SPAM" message header and use a Sieve rule). This is not as bad as silently discarding email. Wietse > Em ter., 29 de dez. de 2020 ?s 11:31, Kevin A. McGrail <kmcgr...@pccc.com> > escreveu: > > > On 12/29/2020 7:37 AM, Rafael Azevedo wrote: > > > Hi there, > > > > > > I've noticed that one of our servers is receiving a huge amount of > > > unauthorized requests. > > > > > > User connects to our server and tries to send an email to any > > > destination. Our servers denies the message because user is not > > > authenticated. Then, a bounce is generated to the source address, > > > which was fake and turns to be the final destination, so at the end, > > > the email is actually sent as a bounce, proliferating lots of spam. > > > > > > Is there a way to avoid this? > > > > Hi Rafael, This sounds like backscatter. To avoid it, you need to > > reject the email during the real-time SMTP dialog with the sender, i.e. > > during the connection from the sender, if it's an invalid recipient, > > reject with 5xx. This will cause you to tell the sending server and you > > don't generate a bounce. > > > > The question is: Why are you accepting the email, then determining it's > > invalid, and creating a bounce? I would typically look at some sort of > > architecture issue where you haven't done what we call promoted the > > valid users to the edge of your internet connection. > > > > Hope this helps and share more information for more guidance. > > > > > > Regards, > > KAM > > > > > >
