mouss wrote:
I guess the reason is that it is so easy to make a mistake in a mailserver configuration that enables backscatter...he's not the only one... seems there's a lot of backscatter coming in these days.
We recently discovered that even our own mailserver (Postfix) was a backscatter source (and 1-2 weeks ago spammers started to actively use it), there were several reasons and I'd like to share these points with the list so nobody does the same mistakes.
1) With Virtual Domains, the recipient validation is not properly done anymore once you map one virtual domain to another, so do not do that. Also never use wildcards with domain names except if there is a catch all defined for this virtual domain entry.
2) By default, Postfix happily seems to accept email addresses refering to subdomains of domains listed in $mydestination. The option responsible for this cruel behavior is "parent_domain_matches_subdomains" which is by default not empty. We've set it to an empty string and after that, Postfix finally rejected mails to bogus recipients on our subdomains.
If any of that is wrong, feel free to correct me :) Best regards, Chris
smime.p7s
Description: S/MIME Cryptographic Signature
