decoder wrote: > We recently discovered that even our own mailserver (Postfix) was a > backscatter source (and 1-2 weeks ago spammers started to actively use > it), there were several reasons and I'd like to share these points with > the list so nobody does the same mistakes.
Thanks for the discussion. > 2) By default, Postfix happily seems to accept email addresses refering > to subdomains of domains listed in $mydestination. The option > responsible for this cruel behavior is > "parent_domain_matches_subdomains" which is by default not empty. We've > set it to an empty string and after that, Postfix finally rejected mails > to bogus recipients on our subdomains. The default value is: parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps I don't think that any of those should match and therefore is safe by default. I poked at my server and couldn't trick it into accepting mail to subdomains. If yours is allowing messages through by matching one of them then I suspect that the configurations for it is the problem and should be fixed. In other words, you might not be done debugging yet and may still have another problem to figure out. :-} Bob
