On 11/23/2009 3:25 PM, K bharathan wrote:
On Mon, Nov 23, 2009 at 8:02 PM, /dev/rob0 <r...@gmx.co.uk
<mailto:r...@gmx.co.uk>> wrote:
On Mon, Nov 23, 2009 at 03:51:33PM +0100, Robert Schetterer wrote:
> > the server got a list of domains (those domains mail servers
use this
> > server as relayhost)to relay out and does only smtp out; what
could be
> > wrong in the above config; appreciate ur assistance upon this
>
> thats the reason, guess your relay clients get lots of i.e spam/virus
> mail,perhaps they bounce after allready got the mail for nonexistent
> domains/mailaccounts etc ( do they have catch alls, buggy virus
Indeed, if you relay backscatter, you can expect to be listed as a
backscatterer! That's pretty simple. Don't do it. Get the clients to
fix their problems. In the meantime a check_sender_access lookup
will stop the abuse:
<> HOLD
and you can check mailq(1) periodically; release any that look like
legitimate bounces, and deal with the others as may be appropriate.
"man postsuper" for information.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
i tried putting <> HOLD in allowed domains (mydomain map) but it
doesn't work and result in 'relay access denied'; how can i put this and
check ?
That needs to go in a check_sender_access map. Something like:
# main.cf
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/hold_bounce
# /etc/postfix/hold_bounce
<> HOLD
I expect there will be thousands of these. You don't
(usually) get on a backscatter blacklist for sending just a
few bounces.
The real solution is to get the incoming gateways to stop
accepting stuff that will be bounced. If the incoming
gateways are not under your control, stop accepting mail from
them.
-- Noel Jones
