thks for replying to me so quickly, I will add a: reject_rbl_client zen.spamhaus.org in my /etc/postfix/main.cf I already added : reject_rbl_client ips.backscatterer.org
how can I reject mail from outside claiming to be from my domain? with a 'from:' header only in the header_checks internal users cannot send emails, outgoing traffic was completely blocked. all the best bruno > Message du 13/01/09 20:47 > De : "Noel Jones" > A : "Bruno GRANDJEAN" > Copie à : postfix-users@postfix.org > Objet : Re: backscattering > > > Bruno GRANDJEAN wrote: > > Hi, > > > > I am using a 2.3 postfix with spamassassin under freeBSD. > > > > Actually I am trying to stop a massive backscatting attack to my smtp > > server. > > I followed the backscatting procedure on postfix website but it doesn't > > work. > > probably because this isn't backscatter... > > > > > Message-ID or EHLO fields for instance are too similar to my 'normal' > > emails. > > So the only solution is to test 'From:' AND 'To:' fields in the > > header_checks file. > > > > For instance: > > From: +...@mydomain\.tld > > > > To: +...@mydomain\.tld > > > > > > Normally, I do not receive any email from my own domain. > > So I can delete these emails without ulterior motive. > > Then why don't you just reject mail from outside claiming to > be from you? This is not without drawbacks, but it might be > suitable as a temporary measure. > > "reject_rbl_client zen.spamhaus.org" can work wonders too. > > > > > I founded an interesting regex which can test two patterns (pattern 1 > > AND pattern 2) but it doesn't work in the header_checks file. > > Postfix header_checks operate on one header at a time. It's > not possible to compare two headers in postfix. > > > Do u have any solution I could test on my config? > > I guess can find the solution with spamassassin but I'd like to find a > > solution with postfix in preference. > > Yes, spamassassin would help. > > -- > Noel Jones > >
