Hi There,

We are using postfix on debian lenny. Everything is mysql backed and
we are using amavisd-new (spamassassin with daily updates from
saupdates.openprotect.com and updates.spamassassin.org & clam-av),
postfix-policy greylisting and postfix-policyd-spf-python. All updates
applied.

But we are still getting hammered by backscatter spam (like the below)
and are hoping to get the list's input on where to head in terms of
getting this sorted... it seems like everything we look at just does
not quite suit our setup.

Many thanks in advance!!!!

Simon

Received: from psmtp.com ([64.18.3.158]) by mosesafonso.com with Microsoft
 SMTPSVC(6.0.3790.3959);         Sun, 20 Mar 2011 14:18:35 -0400
Received: from source ([93.85.177.92]) by exprod8mx291.postini.com
([64.18.7.13]) with SMTP;
        Sun, 20 Mar 2011 14:18:34 EDT
Received: from  93.85.177.92 (account 0-0-0-0-cbouys...@microapp.com
HELO syccjjv.pqhsfgogqp.com)
        by  (CommuniGate Pro SMTP 5.2.3)
        with ESMTPA id 932104756 for sbow...@mosesafonso.com; Sun, 20 Mar
2011 20:18:34 +0200
To: <sbow...@mosesafonso.com>
Subject: Re: CV
From: <no-reply-...@financeinfrance.com>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-pstn-neptune: 1/1/1.00/86
X-pstn-levels: (S: 0.00445/92.75607 CV:99.9000 FC:95.5390 LC:95.5390
R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
Message-ID: <2322245927972554085239078162...@psmtp.com>
Return-Path: {user}@{clientdomain}.com
X-OriginalArrivalTime: 20 Mar 2011 18:18:35.0168 (UTC)
FILETIME=[39EDB200:01CBE72B]
Date: Sun, 20 Mar 2011 14:18:35 -0400

Our setup:

We have 2 x inbound mail servers (mail-in1 & mail-in2, which are
identical in setup and do simple load balancing) that do the above;
once filtered, the mail is sent to a dbmail cluster. Our clients are
all over the place, connecting via the internet to our dbmail service
(e.g. not a lan). We then have two separate outgoing mail servers,
mail-out1 and mail-out2. mail-out1 is used by our client base who
connect with authenticated SMTP, mail-out2 backs up our other servers
(such as web servers etc) to allow them to send email.

# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
mailbox_size_limit = 0
maximal_backoff_time = 2000
message_size_limit = 52428800
mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
minimal_backoff_time = 500
mydestination = mysql:/etc/postfix/mysql-transport.cf
myhostname = mail-in1.{ourdomain}.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
queue_run_delay = 500
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_data_restrictions =
        reject_unauth_pipelining,
        permit
smtpd_recipient_restrictions =
        permit_mynetworks,
        reject_unauth_destination,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_invalid_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_rbl_client zen.spamhaus.org,
        check_client_access pcre:/etc/postfix/fqrdns.pcre,
        #check_sender_access hash:/etc/postfix/check_backscatterer,
        check_policy_service unix:private/policyd-spf,
        check_policy_service inet:127.0.0.1:10031,
        permit
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = mysql:/etc/postfix/mysql-transport.cf
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-aliases.cf
