On 5/25/11 9:09 AM, Eric J Esslinger wrote: > Mac Mail (and others) have a "feature" that allows my customers to generate a > fake NDR message and send it back through my server. I get about a customer > every few months that discovers this 'solution' to spam emails, and when it > happens they cause delivery problems for my customer mail server by > generating backscatter. > > Today I just ended up on a list that won't take me off for quite a while (or > unless I pay). > > Does anyone know of a way for me to block the following, using postfix, > either via refusing to accept the mail or by dropping it in /dev/null: > Mail from <> or postmaster that originates within our customer IP blocks/is > sent using authentication at the submission port and/or that does not have a > valid local recipient. > > I can't find any ready made recipies online for this sort of thing in a short > dig around for it, and while I think it's possible, I was wondering if anyone > else was already dealing with this and could say 'oh yeah just put line blah > in header_checks'. I would think it would be simple once you find it but you > know how it is. > > (I've already dealt with the customer in question but I'm getting tired of > this popping up every month or three.)
You can check for a combination of two or more of these headers: Auto-Submitted: auto-generated (failure) X-Mailer: Apple Mail (x) Content-Type: multipart/report; boundary=x; report-type=delivery-status ~Seth