The problem is as follows: A spammer is using an ip address which hast thousands of domains registered, the apammer uses a botnet to send from his domains but from many different source ips. My customers then receive the spams and a lot of them have forward anything rules, the new generated forwarded mails could be rejected by the receiving mailhosts through lets say any spamhaus rbl, my mtaout hosts then forge mailer daemon mails for the originating source domains which all lead to the same ip which does not run a mail service, my fallback hosts then fill up with this mailer daemon messages.
So another point is im not allowed to use intransparent mail blocking like rbl lists, or oher spam detecting systems, the only thing i use is an user configurable spam / virus detection service. So if a user wants spam he gets it... And if he forwards it i get into the described dilemma. I operate a pretty large mail system so i had about 100k of these mailer daemons per day or even more. For about 3 weeks i got a cronjob running which postsupered the mailer daemon mails hourly, until i discovered the postfix recipient_a_access feature. Hope that clears things up! On 14 Nov 2017 7:20 p.m., "Viktor Dukhovni" <postfix-us...@dukhovni.org> wrote: > On Tue, Nov 14, 2017 at 07:11:03PM +0100, flowhosts wrote: > > > Yes this is such a decent feature! > > I use it with the hold action now as this doesn't break things. > > So bad domains (in my case) which would never accept mails are now kept > in > > place, i call it the bad destination hold quarantine. > > Looking forward to massive discarding soon :) > > While DISCARD is clearly not behaving as expected here, I am puzzled > as to when you might want the expected behaviour. Is this a > submission service, and you're trying to discard mail from compromised > accounts? What is the use-case for discarding a message one of > whose recipients has a domain whose MX hosts match some IP address? > > -- > Viktor. >