Hi
I have a small SMTP server for around 35 users in the company I work .
The last 3 -4 days I'm being bombed with backstatter mails from all
over the world .
I have found out the abusing IP who sends the messages as one of my
accounts but
I cant find out how to stop bombing my server with backscatter mails
from all over .
I tried to implement body_checks using the following :
my main.cf :
header_checks = regexp:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
body_checks :
# Do not indent the patterns between "if" and "endif".
if /^[> ]*Received:/
/^[> ]*Received: +from +ip53\.ip-139-99-176\.net /
reject forged sender name in Received: header: $1
endif
and I get this in the logs but the messages bounce back :
warning: body_checks lookup of Received: from ip53.ip-139-99-176.net
(ip53.ip-139-99-176.net [139.99.176.53]) returns an empty string result
Feb 2 02:59:13 postfix/cleanup[25450]: warning: body_checks should
return NO RESULT in case of NOT FOUND
Can somebody help me ? I,m getting over a thousand reports per hour in
my postmaster mailbox
thanks in advance
GP
