Hello, I seemed to be losing the fight against backscatter email, one of our users is getting tons of backscatter spam a day. I'm using postfix Mail_version 2.7.0 + amavisd (Spamassassin) on FreeBSD machine. Please help!
# cat header_checks /^Content-Type: multipart\/report; report-type=delivery-status\;/ REJECT no third-party DSNs /^Content-Type: message\/delivery-status; / REJECT no third-party DSNs # Also in /etc/mail/spamassassin/local.cf # fighting backscatter spam whitelist_bounce_relays mail.domain.com postconf -n # postconf -n alias_database = hash:/usr/local/etc/postfix/aliases alternate_config_directories = /usr/local/etc/postfix-out anvil_rate_time_unit = 20s biff = no command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 header_checks = regexp:/usr/local/etc/postfix/header_checks html_directory = no in_flow_delay = 1s local_recipient_maps = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man message_size_limit = 50000 mydestination = domin1.com, domin2.com, domin3.com, domin4.com, domin8.com myhostname = localhost.domain.com mynetworks = 127.0.0.0/8, myorigin = domain1.com newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtpd_banner = localhost.domain1.com smtpd_error_sleep_time = 0 unknown_local_recipient_reject_code = 550 Here is copy of the spam From: postmas...@kema.cz [ <mailto:postmas...@kema.cz> mailto:postmas...@kema.cz] Sent: Monday, April 05, 2010 5:18 PM To: Apple Up-To-Date Subject: DELIVERY FAILURE: User itoutmbox.jaring.mydewidlahajai (itoutmbox.jaring.mydewidlaha...@kema.cz) not listed in Domino Directory Your message Subject: 727.900 Apple App-Store Notice was not delivered to: itoutmbox.jaring.mydewidlaha...@kema.cz because: User itoutmbox.jaring.mydewidlahajai (itoutmbox.jaring.mydewidlaha...@kema.cz) not listed in Domino Directory Second spam From: Mail Delivery Subsystem [ <mailto:mailer-dae...@googlemail.com> mailto:mailer-dae...@googlemail.com] Sent: Tuesday, April 13, 2010 4:54 AM To: u...@domain.com Subject: Delivery Status Notification (Failure) Delivery to the following recipient failed permanently: ti...@flewid.de Technical details of permanent failure: Internal Message-ID collision ----- Original message ----- Received: by 10.142.196.7 with SMTP id t7mr2417975wff.151.1271159616338; Tue, 13 Apr 2010 04:53:36 -0700 (PDT) Return-Path: <u...@domain.com> Received: from localhost ([210.112.121.12]) by mx.google.com with SMTP id 14si5418385pzk.68.2010.04.13.04.53.31; Tue, 13 Apr 2010 04:53:35 -0700 (PDT) Received-SPF: neutral (google.com: 210.112.121.12 is neither permitted nor denied by best guess record for domain of u...@domain.com) client-ip=210.112.121.12; Authentication-Results: mx.google.com; spf=neutral (google.com: 210.112.121.12 is neither permitted nor denied by best guess record for domain of u...@domain.com) smtp.mail=u...@domain.com Date: Tue, 13 Apr 2010 20:50:10 +0300 From: "Apple Up-To-Date" <up-to-d...@apple.com> To: <ti...@flewid.de> Message-ID: <11686.9434705946255272...@store.apple.com> Subject: 95-577 Apple App-Store Notify MIME-Version: 1.0 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit
