We've implemented an RBL for bounces using the data from
http://www.backscatterer.org/ -
It has virtually eliminated backscatter spam from entering our servers.
We have about 15k internal users and somewhere around 2 million emails
in and out daily, and being a very lightweight solution it has not been
a bottleneck at all. You might want to give it a try.
Joe
On 02/01/2011 03:39 PM, Simon wrote:
We are using postfix with debian lenny...
We are receiving what appears to be backscatter from spam that is
using a valid address in the Return Path. I have included an example
of the header info from one of the spam messages below. The “From” and
“To” addresses just seem to be random and are not related to us in any
way. Does anyone know to block this sort of backscatter?
Original message headers:
Return-Path: <soa@*
<mailto:s...@newmedia.net.nz>*[ourdomain.actual.domain]**>
Received: from 195-191-72-102.optolan.net.ua
<http://195-191-72-102.optolan.net.ua> (unknown [195.191.72.102])
by smtp-0.counselschambers.com.au
<http://smtp-0.counselschambers.com.au> (Postfix) with ESMTP id
1D400396B7E
for <so...@tenthfloor.org
<mailto:so...@tenthfloor.org>>; Wed, 2 Feb 2011 08:28:43 +1100 (EST)
From: no-reply...@job.com <mailto:no-reply...@job.com>
To: <so...@tenthfloor.org <mailto:so...@tenthfloor.org>>
Subject: Position opening in your area
MIME-Version: 1.0
Importance: High
Content-Type: text/html
Message-ID: <20110201212844.1d400396...@smtp-0.counselschambers.com.au
<mailto:20110201212844.1d400396...@smtp-0.counselschambers.com.au>>
Date: Wed, 2 Feb 2011 08:28:43 +1100
Thanks
Simon
