On Sat, 2010-07-10 at 14:15 +0200, Administrator Beckspaced.com wrote: > > On 7/9/2010 16:13, Administrator Beckspaced.com wrote: > > > > > > On 7/9/2010 14:40, Ram wrote: > >> On Fri, 2010-07-09 at 13:35 +0200, Administrator Beckspaced.com wrote: > >>> On 7/9/2010 13:27, Robert Schetterer wrote: > >>>> Am 09.07.2010 12:51, schrieb Administrator Beckspaced.com: > >>>>> hello robert, > >>>>> > >>>>> thanks a lot for your quick reply ... > >>>>> actually it is not always the same IP or host sending the error > >>>>> bounces ... > >>>>> the bounces are sent from hundred of different IP addresses ... > >>>>> > >>>>> any more idea? > >>>>> > >> Usually you can do very little to prevent forging your domain and > >> sending spam. > >> Some months ago one client of ours too had the same issue, but the issue > >> is very temporary. > >> The short term solution , as someone suggested, will be to temporarily > >> defer all NDR's with a sender check regex file like > >> /<>/ 450 Try Later > >> > >> > >> ( The RFC's say you cant do this .. but sometimes you must be > >> practical :-) ) > >> > >> > >> > >> > >> > From my personal experience I found that if , for your regular mailing > >> you use some sender authentication mechanism like SPF then these NDR's > >> significantly reduce. For eg many servers reject forged messages based > >> on SPF checks so you dont get NDR's from them at least. > >> > >> I guess , spammers ( the more intelligent ones ... I mean ) too would > >> be less inclined to forge a domain that uses sender authentication > >> Because that will reduce the deliverability of their spams > >> > >> Thanks > >> Ram > >> > >> > >> > >> > >> > > hello again robert & ram > > > > thanks again for your ideas ... > > > > so i had another search in google about that backscatter topic and > > sort of found a nice, simple & also quick solution? > > > > SAFE MODE with Postfix: > > > > Edit /etc/postfix/main.cf: > > smtpd_recipient_restrictions = > > ... > > check_sender_access dbm:/etc/postfix/check_backscatterer > > ... > > Create new file:/etc/postfix/check_backscatterer: > > <> reject_rbl_client ips.backscatterer.org > > postmaster reject_rbl_client ips.backscatterer.org > > > > well ... had to change the postfix dbm lookup to hash and do a postmap > > on the file ... > > but now this seems to work as it already rejected a few emails > > according to the mail log ... > > > > more info can be found here -> > > > > http://www.backscatterer.org > > > > does anyone have any experience with that list? > > is this a good longterm solution? > > > > best regards > > becki > > > hello again ram, robert & postfix users ;-) > > already posted yesterday about the backscatterer.org ... > but was a bit too skeptical to do the check on ALL NDR's for ALL email > accounts on my mail server ... > > so i had a look around to do the check ONLY for that specific email account. > it's actually quite easy with smtpd_restriction_classes > > i thought i will write a short 'todo' as it might help some other mail > server administrators out there ... who knows? > > so first thing is to setup a restriction class in main.cf -> > > smtpd_restriction_classes = reject_ndr_class > reject_ndr_class = check_sender_access hash:/etc/postfix/backscatter_check > > now create the backscatter_check file in /etc/postfix/ > touch /etc/postfix/backscatter_check > > and fill in this data > > <> reject_rbl_client ips.backscatterer.org > postmaster reject_rbl_client ips.backscatterer.org > MAILER-DAEMON reject_rbl_client ips.backscatterer.org
use a regexp: file I dont think <> is supported in a hash: file /<>/ reject_rbl_client ips.backscatterer.org /^postmaster/ reject_rbl_client ips.backscatterer.org