Occassionally I see a spamcop.net report on backscattered email.
Our MXes forward to three other servers, so we use virtual_alias_maps,
set up with a mapping for every email account, and
we set smtpd_client_restrictions = reject_unlisted_recipient
amongst other restrictions.
I'll report the smtpd related details here so those who
want to know how it is set up can see.
smtpd_recipient_restrictions = reject_unknown_recipient_domain,
hash:/etc/postfix/whitelist, check_client_access hash:/etc/postfix/access,
smtpd_client_restrictions = reject_unlisted_recipient, check_client_access
hash:/etc/postfix/access, reject_invalid_hostname, reject_unknown_client
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/blacklist,
check_sender_access hash:/etc/postfix/whitelist, check_client_access
smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access,
virtual_alias_domains = $virtual_alias_maps, mydomain.ca
virtual_alias_maps = hash:/etc/postfix/relocated
I believe we are doing the right thing to prevent backscatter email queuing.
If there is room for improvement, I'd like to learn anything missing/wrong
with the above.
Our users normally want others to learn of bounces for things like
typo'ed addresses. So we are not going to turn off non-delivery messages.
Spamcop's FAQ on backscatter and prevention "Misdirected bounces" implies
there is something we can do to prevent this. In my understanding, my
postfix set up does what spamcop is asking to be done:
"Configure your software to either reject messages during delivery or accept
Yet there are occassionally users reporting our MX to spamcop (even though
IP of the backscatter is listed in the header trace in the attached Delivery
Received: from acadiau.ca ([127.0.0.1])
by localhost (x3.mydomain.ca [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id Tfd1qCE4QYv1 for <x>;
Mon, 10 Nov 2008 07:02:24 -0400 (AST)
Received: from 212-34-112-114.domolink.elcom.ru (
by acadiau.ca (Postfix) with ESMTP id D54454E4E1
for <x>; Mon, 10 Nov 2008 07:02:22 -0400 (AST)
Is there anything more I can be doing?
Does anyone feel Spamcop's position on backscatter too simplistic?
|New Postfix log analyzer tool, statistics, grapher, ... PostgreSQL DB 9.2.x based||6|
|smtpd_client_message_rate_limit not working||2|
|Symlink problem = file is a symbolic link or Mailbox vulnerable - directory /var/spool/mail must have 1777 protection||8|
|forged outlook html||1|
|Tool to read queued messages?||6|
|Increasing logging on queue messages||6|
|mailserver with dynamic IP and relayhost||1|
|Postfix local users & fallback relay||3|