On 27.04.23 17:59, Sebastian Wiesinger via Postfix-users wrote:
I'm not sure if I'm missing something but I can't find out why my
body_checks doesn't catch all the backscatter I'm getting right now.
I've it configured like this:
root@alita:/etc/postfix# postconf -n body_checks
body_checks = pcre:$config_directory/body_checks.pcre
root@alita:/etc/postfix# cat body_checks.pcre
/^[> ]*Message-ID:.*@(fire-world\.de)/
reject SPAM backscatter with forged domain name in Message-ID header
One example it doesn't catch seems to match the regex when I test it
manually:
root@alita:/etc/postfix# postmap -q - regexp:/etc/postfix/body_checks.pcre
<backscatter.txt
Message-ID: <[email protected]> reject
SPAM backscatter with forged domain name in Message-ID header
I've got the original message (from my mailbox) here for you:
https://www.karotte.org/big/backscatter.txt
As I said, Postfix rejects some of the backscatter but not all. Any
idea why it didn't reject this?
If I tried to block backscatter, I would use spamassassin with VBounce
plugin and filter out all mail that hit any of BOUNCE_MESSAGE rules.
it just needs to set up proper hostames in welcomelist_bounce_relays.
I already use spamassassin as milter, so milter_header_checks should be
applicable.
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
