Hi Noel, > On Oct 30, 2017, at 4:07 PM, Noel Jones <njo...@megan.vbhcs.org> wrote: > >> On 10/30/2017 2:52 PM, J Doe wrote: >> Hi, >> >> One of my mail servers (Postfix 3.1.0), is configured to perform virtual >> domain hosting. It forwards mail to the virtual domain to mailboxes of >> users on Gmail. >> >> I can see in my mail log that spam with forged origin addresses sometimes >> comes into my server that is addressed to virtual domain addresses. My >> server rejects some of this spam and then generates a non-delivery e-mail to >> the origin address of the spam. Of course, as some of those addresses are >> forged, my server is producing backscatter. > > > Your mail server must have a list of valid recipients and reject > mail to unknown recipients. Where to list the valid recipients > depends on how the domain is defined in postfix. Most of what you > need can be found in > http://www.postfix.org/ADDRESS_CLASS_README.html > > Avoid any wild-card domain rewrites since those disable recipient > validation. > > If your mail server does after-queue spam scanning, it MUST NOT > generate a bounce for unwanted mail. Either tag-and-deliver mail or > scan during SMTP so you can reject (not bounce) unwanted mail.
Thank you for your reply. Now that I think of it, I think I left out some necessary details about my server in my original e-mail. In my case, with my server configured to do virtual domain hosting (let’s say for the domain example.com), mail addressed to a recipient on my server gets forwarded to the recipient’s corresponding Gmail account. So for example: Spam —> u...@example.com —> u...@gmail.com When spam is sent to u...@example.com my server then tries to forward that to u...@gmail.com. GMail’s spam filters detect spam and generate an SMTP error code. My server then generates a non-delivery status e-mail. Because the spam had a forged origin e-mail address, my server then generates backscatter to that forged address. With regards to your reply, I am not having spam addressed to an unknown recipient at the virtual domain (such as some_unknown_recipi...@example.com) - this e-mail is addressed to a valid recipient that gets blocked by GMail and then generates backscatter. I did read the link you provided and I also looked at “Rejecting Unknown Local Recipients with Postfix”, but from that document I was under the impression that I got blocking of unknown recipients automatically in Postfix 3.1.0: “As of Postfix version 2.0, the Postfix SMTP server rejects mail for unknown recipients in local_domains . . . This feature was optional with earlier Postfix versions” [1] How do I stop backscatter generated from my server in response to the bounces from Gmail ? Thanks again, - J Sources: [1] http://www.postfix.org/LOCAL_RECIPIENT_README.html