On 2021-02-04 09:08, ludic...@gmail.com wrote:
Hi all,
new MS Azure Cloudapp Spam Wave these days.
Just a few hosts, but a lot of Spam. There is a pattern there, they all
use
Return-Path: <MAILER-DAEMON>
to disguise as a bounce and bypass any further checks.
So the PCRE header check
/^Return-Path: <MAILER-DAEMON>/ REJECT Forged Return-Path
does not catch.
Any other chance of making this work in postfix checks?
Actually a re-visit to my topic about MS Azure Cloud Spam from
December, but
much more clarified matters now after some time of observation.
Add postscreen to your config. Postscreen stopped that spam wave with
high DNSBL ranks for me.
This http://rob0.nodns4.us/postscreen.html is a good ressource and i
have it setup more or less the way described there + some minor
adjustments needed for my setup.
Greets,
Ludi
--
Christian Kivalo