Hi Noel,
> On Oct 30, 2017, at 4:07 PM, Noel Jones <[email protected]> wrote:
>
>> On 10/30/2017 2:52 PM, J Doe wrote:
>> Hi,
>>
>> One of my mail servers (Postfix 3.1.0), is configured to perform virtual
>> domain hosting. It forwards mail to the virtual domain to mailboxes of
>> users on Gmail.
>>
>> I can see in my mail log that spam with forged origin addresses sometimes
>> comes into my server that is addressed to virtual domain addresses. My
>> server rejects some of this spam and then generates a non-delivery e-mail to
>> the origin address of the spam. Of course, as some of those addresses are
>> forged, my server is producing backscatter.
>
>
> Your mail server must have a list of valid recipients and reject
> mail to unknown recipients. Where to list the valid recipients
> depends on how the domain is defined in postfix. Most of what you
> need can be found in
> http://www.postfix.org/ADDRESS_CLASS_README.html
>
> Avoid any wild-card domain rewrites since those disable recipient
> validation.
>
> If your mail server does after-queue spam scanning, it MUST NOT
> generate a bounce for unwanted mail. Either tag-and-deliver mail or
> scan during SMTP so you can reject (not bounce) unwanted mail.
Thank you for your reply.
Now that I think of it, I think I left out some necessary details about my
server in my original e-mail.
In my case, with my server configured to do virtual domain hosting (let’s say
for the domain example.com), mail addressed to a recipient on my server gets
forwarded to the recipient’s corresponding Gmail account.
So for example:
Spam —> [email protected] —> [email protected]
When spam is sent to [email protected] my server then tries to forward that to
[email protected]. GMail’s spam filters detect spam and generate an SMTP error
code. My server then generates a non-delivery status e-mail. Because the spam
had a forged origin e-mail address, my server then generates backscatter to
that forged address.
With regards to your reply, I am not having spam addressed to an unknown
recipient at the virtual domain (such as [email protected]) -
this e-mail is addressed to a valid recipient that gets blocked by GMail and
then generates backscatter.
I did read the link you provided and I also looked at “Rejecting Unknown Local
Recipients with Postfix”, but from that document I was under the impression
that I got blocking of unknown recipients automatically in Postfix 3.1.0:
“As of Postfix version 2.0, the Postfix SMTP server rejects mail for
unknown
recipients in local_domains . . . This feature was optional with earlier
Postfix
versions” [1]
How do I stop backscatter generated from my server in response to the bounces
from Gmail ?
Thanks again,
- J
Sources:
[1] http://www.postfix.org/LOCAL_RECIPIENT_README.html
