Hello list, from time to time i get hit by mass mail with fake sender addresses.
By default my postfix accepted those mails until it found out that the recipent does not exists. Then postfix tries to send back that "550 User Unknown" error mail. However, the sender is fake. Therefore the mails get stuck on my postfix mta. I now enabled recipient address verification. In that case my postfix mta will reject the mails already in the rcpt to stream. Which is great. However, i now got blacklisted by backscatterer: ------------------------------------------------------------------- This IP IS CURRENTLY LISTED in our Database. Please note that this listing does NOT mean you are a spammer, it means your mailsystem is either poorly configured or it is using abusive techniques. This kind of abuse is known as BACKSCATTER (Misdirected Bounces or Misdirected Autoresponders or Sender Callouts). Click the links above to get clue how and why to stop that kind of abuse. To track down what happened investigate your smtplogs near 20.08.2014 09:19 CEST +/-1 minute. You will either find that your system tried to send misdirected bounces or misdirected autoresponders to claimed but in reality faked senders, or your system tried sender verify callouts against our members near that time. So you should look for outgoing emails that have a NULL SENDER or POSTMASTER in MAIL FROM. Reading your logs carefully it shouldn't be a big deal to figure out what caused or renewed your listing. This IP is temporary listed. The listing will expire automatically and free of charge 4 weeks after the last abuse is seen from that IP. ------------------------------------------------------------------------ The source of this problem seem to be the emtpy address verify probes/mails. In this case this no spam or mass mails or anything. Just a lot of mails and empty from sender addresses and a lot of mail traffic. I already asked about this in http://archives.neohapsis.com/archives/postfix/2014-08/0282.html But i am not sure if i am doing it right in genereal. Does anyone have the same problem? Is reject_unverified_recipient the wrong way to go? Thanks a lot, Mario