I already have reject_unlisted_recipient in my smtpd restrictions as the
second restriction, does that mean its not working properly ?
do you have a
relay_recipient_maps =
... main.cf ?
Len
is this preventable with SAV turned on and off?
Thanks,
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Len Conrad
Sent: Monday, April 09, 2007 3:15 AM
To: IMGate@mgw2.MEIway.com
Subject: [IMGate] Re: Being used to do harvest hotmail accounts?
I got
The IP address doing this is not in my relay list, I have very few servers
talking to IMGATE.
I had recently disabled SAV, and maybe forgotten to restart postfix after
that, so maybe this is why we are still seeing this SAV behavior ?
SAV doesn't use MAILER-DAEMON as the SAV sender.
How is
Thank you len for your detailed reply.
So, from what your saying, I got blocked by hotmail not because of SAV, but
because of postfix sending email address does not exist bounce messages to
non-existent hotmail accounts.
aka, backscatter
So adding reject_unverified_recipient would make postfix
It looks like this happened by the attacker sending emails to an account on
my mailserver such as [EMAIL PROTECTED], those emails will be from the likes
of [EMAIL PROTECTED], so my IMGATE goes and checks if this email exists on
hotmail before it accepts it. Multiply this by 100k emails, and
I got an email from hotmail.com saying that my IMGATE machine is being used
to harvest hotmail account, I looked at my queue file and found a ton of
these entries:
7B9E23EB5E*5650 Sat Apr 7 04:58:52 MAILER-DAEMON
[EMAIL PROTECTED]
7FE143EB1B*