Zitat von mouss <mo...@ml.netoyen.net>:
Le 24/11/2010 11:04, Patric Falinder a écrit :lst_ho...@kwsoft.de skrev 2010-11-24 10:22:Zitat von Patric Falinder <patric.falin...@omg.nu>:Hi, A colleague of mine gets a lot of weird Delivery Status Notifications, Failure Notice and Rejected messages. Yesterday she got 200 of them.. They all come from different servers and they are most from Russia and Japan and they are countries that we have no connection to at all. I've looked at the message headers and I can't figure out Why he receives so many messages.. All the mail-servers that send them to us have PTR-records so they look legit to me. They all come from MAILER-DAEMON and the content is pretty much rubbish. I attached a message with headers and everything, just changed the address for my colleague. Is there some way that I can block these kind of things? Is someone sending out spam using her email-address and when the receiving server can't deliver they send the notice to the real address?It's called "backscatter". Have a look here http://www.postfix.org/BACKSCATTER_README.html Maybe consider using the DNSRBL from http://www.backscatterer.org/ for the address affected, at least the server in your example is listed there. Regards AndreasThank you! I've never heard of backscatterer.org before so I will try that and see if it helps :)unfortunately, that list is not "usable" in a serious environment. they mix real backscatterers with SAV and so on. whatever you think about SAV, it's different from bounces, and as such should be considered different. but these guys, as many others, wanna play the network police...
That's why i suggested to the OP to limit it to the recipient address in question and the <> sender.
Regards Andreas
smime.p7s
Description: S/MIME Cryptographic Signature