On Thu, 8 Sep 2011, Steve wrote:
On 08/09/2011 17:04, Mark Martinec wrote:
Sep 8 15:04:43 svr amavis[9242]: (09242-14)
Passed SPAM, [208.30.118.112] [208.30.118.112]
<adelama...@boimail.com> ->
<st...@svr.mydom.org>,<st...@svr.mydom.org>,<st...@svr.mydom.org>,
<st...@svr.mydom.org>,<st...@svr.mydom.org>,<st...@svr.mydom.org>,
<st...@svr.mydom.org>,<st...@svr.mydom.org>,
Message-ID: <201109081759.8B7F082565A0D33F9A15@p00905q4tw>,
mail_id: 0eFkT73PzE2y, Hits: 25.936, size: 1608, queued_as: E24C916C02A6,
8169 ms
In a sense that's what's wanted... /etc/postfix/virtual contains:
@mydom.org st...@mydom.org
I want all messages to all users delivered to steve.
That's really discouraged these days, because spammers send a _lot_ of
mail to essentially randomly-generated addresses in the hope that
something will actually get delivered to a person with a wallet, and if
you have a catch-all rather than rejecting invalid recipients, you
actually _get_ all that spam (as you've seen).
Disabling your catch-all would cure 90%-ish of this problem. How critical
is that catch-all to you?
Also: the log watcher idea wouldn't work, because it's only one inbound
message. Greylisting _would_ still delay the message and would filter them
completely if the spammer isn't retrying.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Windows and its users got mentioned at home today, after my wife the
psych major brought up Seligman's theory of "learned helplessness."
-- Dan Birchall in a.s.r
-----------------------------------------------------------------------
9 days until the 224th anniversary of the signing of the U.S. Constitution