Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: mouss (moussnetoyen.net)
Date: Thu Apr 17 2008 - 06:48:59 CDT
Florian Effenberger wrote:
> I currently work on my Postfix configuration and I came across a
> phenomenon that I don't know how to deal with. I have set
> local_recipient_maps = $alias_maps unix:passwd.byname
> so unknown recipients get rejected directly in the SMTP session.
> However, some of my users forward their e-mail to another machine.
> Let's take johnmysite.com (on my MX) forwards his mail to
> johnhissite.com (on another machine I don't control).
> When paulthirdsite.com mails to johnmysite.com, and johnhissite.com
> bounces (like for spam protection or other errors), my MX sends a
> bounce message to paulthirdsite.com. Theoretically, this could be
> used for backscattering, I guess?
yes. if spammer forges addresses and sends mail to john, that's what
> Is there anything I can do about it? Is forwarding e-mail generally a
> bad habit?
it's becoming harder than it was...
- you should never forward mail that may be caught by a "reasonable"
spam filter. for example, if you use SA (with network test and Bayes),
then forwarding a message that has a score >= 4 is probably not
- you should watch logs and disable the forwarding if you notice a "storm".
- maybe throttling bounces would be a good idea.
PS. you should never bounce to header addresses. (postfix behaviour is