On 2/1/2011 5:39 PM, Simon wrote:
We are using postfix with debian lenny...
We are receiving what appears to be backscatter from spam that
is using a valid address in the Return Path. I have included
an example of the header info from one of the spam messages
below. The “From” and “To” addresses just seem to be random
and are not related to us in any way. Does anyone know to
block this sort of backscatter?
Original message headers:
Return-Path: <soa@*
<mailto:s...@newmedia.net.nz>*[ourdomain.actual.domain]**>
Received: from 195-191-72-102.optolan.net.ua
<http://195-191-72-102.optolan.net.ua> (unknown [195.191.72.102])
The client 195.191.72.102 is listed in zen.spamhaus.org. I
would start with using reject_rbl_client zen.spamhaus.org
somewhere in your config.
And then add the backscatter.org RBL as someone else suggested.
http://www.backscatterer.org/?target=usage (see the postfix
section)
-- Noel Jones
