Halassy Zolt??n:
> > can you show an example?
>
> postfix log (my contract forbids to put client data here, so masqueraded
> the real hostnames and IPs):
>
> Mar 6 19:01:41 mail postfix/smtpd[6930]: NOQUEUE: reject: RCPT from
> www.XXX.hu[X.X.X.X]: 450 4.1.7 <www-d...@www.xxx.hu>: Sender address
> rejected: unverified address: connect to www.XXX.hu[X.X.X.X]:25:
> Connection refused; from=<www-d...@www.xxx.hu>
> to=<valid-em...@local.domain.hu> proto=ESMTP helo=<www.XXX.hu>
>
> www.XXX.hu is a large webhosting service, lot of webpages running on it,
> some uses contact with our clients, but with valid source e-mail
> addresses. So firewalling out this IP doesn't help.
>
> Some other webpages got hacked or something, but they sending spam.
I recommend that you stop the spam at its source, the hacked websites,
instead of trying to block that spam down-stream with Postfix.
Wietse
