On 5/25/11 9:09 AM, Eric J Esslinger wrote:
Mac Mail (and others) have a "feature" that allows my customers to generate a fake NDR message and send it back through my server. I get about a customer every few months that discovers this 'solution' to spam emails, and when it happens they cause delivery problems for my customer mail server by generating backscatter.
Today I just ended up on a list that won't take me off for quite a while (or unless I pay).
Does anyone know of a way for me to block the following, using postfix, either via refusing to accept the mail or by dropping it in /dev/null: Mail from <> or postmaster that originates within our customer IP blocks/is sent using authentication at the submission port and/or that does not have a valid local recipient.
I can't find any ready made recipies online for this sort of thing in a short dig around for it, and while I think it's possible, I was wondering if anyone else was already dealing with this and could say 'oh yeah just put line blah in header_checks'. I would think it would be simple once you find it but you know how it is.
(I've already dealt with the customer in question but I'm getting tired of this popping up every month or three.)
You can check for a combination of two or more of these headers: Auto-Submitted: auto-generated (failure) X-Mailer: Apple Mail (x) Content-Type: multipart/report; boundary=x; report-type=delivery-status ~Seth