Hi There,

We are using postfix on debian lenny. Everything is mysql backed and we are using amavisd-new (spamassassin with daily updates from saupdates.openprotect.com and updates.spamassassin.org & clam-av), postfix-policy greylisting and postfix-policyd-spf-python. All updates applied.

But we are still getting hammered by backscatter spam (like the below) and are hoping to get the list's input on where to head in terms of getting this sorted... it seems like everything we look at just does not quite suit our setup.

Many thanks in advance!!!!

Simon

Received: from psmtp.com ([64.18.3.158]) by mosesafonso.com with Microsoft SMTPSVC(6.0.3790.3959);
    Sun, 20 Mar 2011 14:18:35 -0400
Received: from source ([93.85.177.92]) by exprod8mx291.postini.com ([64.18.7.13]) with SMTP;
    Sun, 20 Mar 2011 14:18:34 EDT
Received: from 93.85.177.92 (account 0-0-0-0-cbouys...@microapp.com HELO syccjjv.pqhsfgogqp.com)
    by (CommuniGate Pro SMTP 5.2.3) with ESMTPA id 932104756 for sbow...@mosesafonso.com;
    Sun, 20 Mar 2011 20:18:34 +0200
To: <sbow...@mosesafonso.com>
Subject: Re: CV
From: <no-reply-...@financeinfrance.com>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-pstn-neptune: 1/1/1.00/86
X-pstn-levels: (S: 0.00445/92.75607 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
Message-ID: <2322245927972554085239078162...@psmtp.com>
Return-Path: {user}@{clientdomain}.com
X-OriginalArrivalTime: 20 Mar 2011 18:18:35.0168 (UTC) FILETIME=[39EDB200:01CBE72B]
Date: Sun, 20 Mar 2011 14:18:35 -0400

Our setup:

We have 2 x inbound mail servers (mail-in1 & mail-in2, which are identical in setup and do simple load balancing) that do the above; once filtered, the mail is sent to a dbmail cluster. Our clients are all over the place, connecting via the internet to our dbmail service (e.g. not a LAN).

We then have two separate outgoing mail servers, mail-out1 and mail-out2. mail-out1 is used by our client base, who connect with authenticated SMTP; mail-out2 backs up our other servers (such as web servers etc) to allow them to send email.

# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
mailbox_size_limit = 0
maximal_backoff_time = 2000
message_size_limit = 52428800
mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
minimal_backoff_time = 500
mydestination = mysql:/etc/postfix/mysql-transport.cf
myhostname = mail-in1.{ourdomain}.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
queue_run_delay = 500
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_recipient_restrictions = permit_mynetworks,
    reject_unauth_destination,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_rbl_client zen.spamhaus.org,
    check_client_access pcre:/etc/postfix/fqrdns.pcre,
    #check_sender_access hash:/etc/postfix/check_backscatterer,
    check_policy_service unix:private/policyd-spf,
    check_policy_service inet:127.0.0.1:10031,
    permit
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = mysql:/etc/postfix/mysql-transport.cf
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-aliases.cf