Thank you len for your detailed reply. So, from what your saying, I got blocked by hotmail not because of SAV, but because of postfix sending "email address does not exist" bounce messages to non-existent hotmail accounts.
So adding "reject_unverified_recipient" would make postfix reject it immediately and not send a bounce message back to hotmail ? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Monday, April 09, 2007 5:49 PM To: [email protected] Subject: [IMGate] Re: Being used to do harvest hotmail accounts? >Here are a few more lines from the log directly and not from mailq, I still >think its related to SAV, or this is how its appearing to me, because its >not by someone trying to send through me, its happening because someone is >sending to me by a forged hotmail account >Apr 6 23:47:17 imgate postfix/qmgr[60489]: D72052C091: >from=<[EMAIL PROTECTED]>, size=3816, nrcpt=1 (queue active) ... msg accepted by postfix and queued. >Apr 6 23:47:17 imgate postfix/smtp[58737]: D72052C091: to=<[EMAIL PROTECTED]>, >relay=x.x.x.75[x.x.x.75]:25, delay=7.3, delays=7.3/0/0/0.01, dsn=5.0.0, >status=bounced (host x.x.x.75[x.x.x.75] said: 550 unknown user ><[EMAIL PROTECTED]> (in reply to RCPT TO command)) .... that is postfix tried to deliver the msg but it was bounced by your mailserver. >Apr 6 23:47:17 imgate postfix/bounce[58948]: D72052C091: sender >non-delivery notification: B043F2C082 ... postfix creates a non-delivery msg back to the garbage/forged sender [EMAIL PROTECTED], which is rejected by hotmail as unknown recipient. SAV logs as "reject: sender address rejected", which you don't show. >My log has a ton of these the but the destination "[EMAIL PROTECTED]" and from >"[EMAIL PROTECTED]" keep on changing. > >It actually looks like a brute force spam effort against my domain as the >retries keep on progressing alphabetically, and the indirect cause of this >got me black listed by hotmail because imgate was trying to verify if the >sender exists (SAV) which I thought I had disabled. SAV is not in the log lines above. >Now other than making sure SAV is really turned off, how do I prevent this >from happening ? postfix must reject incoming mail for recipients that do not exist on your mail server. above, it accepted a msg for [EMAIL PROTECTED] which your mail server bounced. either export the list of legit users to postfix, or use reject_unverified_recipient. Len
