Problem with spammers

michaelkmaclub.com
Date: Tue Apr 08 2008 - 13:38:00 CDT


Hello,

I am having an issue with SPAM(MER)

SETUP:
I host a few virtual domains on my mail server.
I also have another box at a different site that hosts a few domains as
well.
These two boxes also act as backup relays for each other.
Most of the domains funnel all mail to a single person using the virtual
table. domain -> user@localhost

PROBLEM:
Some spammer is joejob'ing a particular non-existent address in my
domain very hard. I am getting bounced email messages returned to
<unknown_user>@<mydomain> at the rate of 4-5 a second. Over a week, I
have 50,000 unique hosts that have tried to bounce messages for this
user. Some have tried as many as 50,000 times.

Needless to say, this is causing quite a lot of unnecessary work for my
mail server.

ATTEMPTED SOLUTION:
I added a rule to consult hash:/etc/postfix/recipient_checks in my
smtpd_recipient_restrictions to reject any incoming email for
<unknown_user>@<mydomain>. This has helped, but now postfix is just
filling my logs with reject messages and they keep trying.

I also tried making it such that <valid_user>@domain was the only entry
in my virtual table for that domain. That causes the same bounce, but
causes problems for my MX server because the mail is delivered to the
MX, it accepts for that domain. When it tries to relay to the primary,
it gets rejected. It then has to deal with the bounce on the MX.

HELP:
What is the best way to handle this situation?

Thanks,

Michael
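
To measure a bounce flood like the one described in the post (unique hosts, repeat offenders, share of null-sender bounces), the reject lines Postfix writes can be tallied per client. This is an added example, not part of the original post: the log lines are constructed samples in Postfix's smtpd reject format, and `summarize_rejects`, the host names and the addresses are hypothetical.

```python
import re
from collections import Counter

# Constructed sample log (documentation IP ranges, placeholder recipient).
SAMPLE_LOG = """\
Apr  8 13:37:57 mail postfix/smtpd[2101]: connect from mx1.example.net[192.0.2.10]
Apr  8 13:37:58 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from mx1.example.net[192.0.2.10]: 554 5.7.1 <unknown_user@example.org>: Recipient address rejected: Access denied; from=<> to=<unknown_user@example.org> proto=ESMTP helo=<mx1.example.net>
Apr  8 13:37:58 mail postfix/smtpd[2102]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 <unknown_user@example.org>: Recipient address rejected: Access denied; from=<> to=<unknown_user@example.org> proto=SMTP helo=<relay>
Apr  8 13:37:59 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from mx1.example.net[192.0.2.10]: 554 5.7.1 <unknown_user@example.org>: Recipient address rejected: Access denied; from=<> to=<unknown_user@example.org> proto=ESMTP helo=<mx1.example.net>
Apr  8 13:37:59 mail postfix/smtpd[2103]: NOQUEUE: reject: RCPT from out.example.com[203.0.113.5]: 554 5.7.1 <unknown_user@example.org>: Recipient address rejected: Access denied; from=<someone@example.com> to=<unknown_user@example.org> proto=ESMTP helo=<out.example.com>
Apr  8 13:38:00 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from mx1.example.net[192.0.2.10]: 554 5.7.1 <unknown_user@example.org>: Recipient address rejected: Access denied; from=<> to=<unknown_user@example.org> proto=ESMTP helo=<mx1.example.net>
Apr  8 13:38:00 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from mx1.example.net[192.0.2.10]: 554 5.7.1 <other@example.org>: Recipient address rejected: Access denied; from=<> to=<other@example.org> proto=ESMTP helo=<mx1.example.net>
"""

# Client host and IP, SMTP reply code, envelope sender and recipient.
REJECT_RE = re.compile(
    r"NOQUEUE: reject: RCPT from (?P<host>\S+?)\[(?P<ip>[^\]]+)\]: "
    r"(?P<code>\d{3}) .*? from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)


def summarize_rejects(log_text, recipient, top_n=3):
    """Tally rejected RCPT attempts for one recipient, per client IP."""
    per_client = Counter()
    null_sender = 0
    for line in log_text.splitlines():
        m = REJECT_RE.search(line)
        if not m or m.group("rcpt").lower() != recipient.lower():
            continue  # not a reject line, or a different recipient
        per_client[m.group("ip")] += 1
        if m.group("sender") == "":
            null_sender += 1  # empty envelope sender: a bounce (DSN)
    return {
        "total": sum(per_client.values()),
        "unique_clients": len(per_client),
        "null_sender": null_sender,
        "top": per_client.most_common(top_n),
    }


if __name__ == "__main__":
    print(summarize_rejects(SAMPLE_LOG, "unknown_user@example.org"))
```
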