Occassionally I see a spamcop.net report on backscattered email. Our MXes forward to three other servers, so we use virtual_alias_maps, set up with a mapping for every email account, and we set smtpd_client_restrictions = reject_unlisted_recipient amongst other restrictions.
I'll report the smtpd related details here so those who want to know how it is set up can see. smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_unauth_destination, check_recipient_access hash:/etc/postfix/user_overquota, check_recipient_access hash:/etc/postfix/recipient_access, check_sender_access hash:/etc/postfix/whitelist, check_client_access hash:/etc/postfix/access, reject_non_fqdn_recipient, reject_rbl_client MYLICENSEKEYISHEREBYOBSCURED.r.mail-abuse.com, permit smtpd_client_restrictions = reject_unlisted_recipient, check_client_access cidr:/etc/postfix/client.cidr, check_sender_access hash:/etc/postfix/whitelist, check_recipient_access hash:/etc/postfix/recipient_access, check_client_access hash:/etc/postfix/access, reject_invalid_hostname, reject_unknown_client smtpd_data_restrictions = reject_unauth_pipelining smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/blacklist, check_sender_access hash:/etc/postfix/whitelist, check_client_access hash:/etc/postfix/access, reject_unknown_sender_domain, reject_non_fqdn_sender smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access, reject_invalid_hostname virtual_alias_domains = $virtual_alias_maps, mydomain.ca virtual_alias_maps = hash:/etc/postfix/relocated hash:/etc/postfix/class_lists hash:/etc/postfix/virtual /recipient I believe we are doing the right thing to prevent backscatter email queuing. If there is room for improvement, I'd like to learn anything missing/wrong with the above. Our users normally want others to learn of bounces for things like typo'ed addresses. So we are not going to turn off non-delivery messages. Spamcop's FAQ on backscatter and prevention "Misdirected bounces" implies there is something we can do to prevent this. In my understanding, my postfix set up does what spamcop is asking to be done: "Configure your software to either reject messages during delivery or accept them permanently." Yet there are occassionally users reporting our MX to spamcop (even though the originating IP of the backscatter is listed in the header trace in the attached Delivery Report). Received: from acadiau.ca ([127.0.0.1]) by localhost (x3.mydomain.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id Tfd1qCE4QYv1 for <x>; Mon, 10 Nov 2008 07:02:24 -0400 (AST) Received: from 212-34-112-114.domolink.elcom.ru ( 212-34-112-114.domolink.elcom.ru [212.34.112.114]) by acadiau.ca (Postfix) with ESMTP id D54454E4E1 for <x>; Mon, 10 Nov 2008 07:02:22 -0400 (AST) Message-ID: <[EMAIL PROTECTED]> From: "ingelbert joachim" <x> To: <x> Subject: ID MSG:81531 I am Julia, 27 y.o. Russia (dating) Is there anything more I can be doing? Does anyone feel Spamcop's position on backscatter too simplistic? --Donald
