George Papas:
> Hi
>
> I have a small? SMTP server for around 35 users in the company I work .
>
> The last 3 -4 days I'm being bombed with backstatter? mails from all
> over the world .
>
> I have found out the abusing IP who sends the messages as one of my
> accounts but
>
> I cant find out how to stop bombing my server with backscatter mails
> from all over .
>
> I tried to implement body_checks using the following :
>
>
> my main.cf :
>
> header_checks = regexp:/etc/postfix/header_checks
> body_checks = pcre:/etc/postfix/body_checks
>
>
> body_checks :
>
> # Do not indent the patterns between "if" and "endif".
> if /^[> ]*Received:/
> /^[> ]*Received: +from +ip53\.ip-139-99-176\.net /
> reject forged sender name in Received: header: $1
> endif
>
>
> and I get this in the logs? but the messages bounce back :
>
> warning: body_checks lookup of Received: from ip53.ip-139-99-176.net
> (ip53.ip-139-99-176.net [139.99.176.53]) returns an empty string result
> Feb? 2 02:59:13 postfix/cleanup[25450]: warning: body_checks should
> return NO RESULT in case of NOT FOUND
>
>
> Can somebody help me ? I,m getting over a thousand reports per hour in
> my postmaster mailbox
Did you notice the warnings for "no replacement text: using empty string"
and "ignoring unrecognized request"?
Wietse
