Hello Predrag,
Saturday, September 11, 2004, 9:47:42 AM, you wrote:
PL> Spammer apparently is using [EMAIL PROTECTED] in the FROm PL> field of the emails he is sending out. Domain is one of my customers PL> virtual domain, spammer made up the username in the email address.
PL> Now I am getting burried by mail notifications returning to PL> sender...obviously wrong person.
Understood. I'm not being flooded, but have a steady stream of similar spam. Same thing happens with virus warnings/bounces.
PL> How do you people deal with this? Is there anything I can do? Email PL>
I use Postfix. I catch this before it comes in. Why waste bandwidth and accept the whole message?
My server (Postfix) Issues the following:
550 Liar, Liar you are an Imposter and have been reported.
You misunderstand the problem. The poster was complaining about backscatter (bounce notifications from other servers who recieved mail with the forged FROM address), and *not* about mail with the forged FROM address coming directly to him. (You neglect to mention *how* you make Postfix take care of the latter: typically check_sender_access is used in smtpd_recipient_restrictions with an entry such as: example.com 554 You're a liar!) Catching backscatter at the SMTP level, OTOH, is incredibly difficult. I bet you don't have a solution for that.
- paul
