From: Vasya Pupkin on
It is already as restrictive as possible and acceptable for me. I do
not want to loose any non-spam mail as well, so I am not going insane
adding network block based rbl domains, but I am using most reliable
rbl domains, including,,,, and some more, and some
Postfix internal check including reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_sender_domain, and some

On Thu, Jul 22, 2010 at 6:28 PM, Mikael Bak <mikael(a)> wrote:
> Vasya Pupkin wrote:
>> Hello.
>> First, I have spent two days reading articles and searching web for
>> solution but failed there. I am using postfix as an mx for my domains,
>> it accpets mail for different addresses withing my domains which is
>> then forwarded to other external domains, i.e. and other
>> mail services. Mail for unknown users is rejected, many other check
>> are performed, but still sometimes my system acts as a backscatterer
>> when something like this happens:
>> 1. Incoming mail passes all tests, it's coming to one of the addresses
>> within my domain, i.e. existing-user(a)mydomain.tld
>> 2. Postfix then forwards mail to external domain, i.e. myemail(a)mailservice.tld
>> 3. For some reason mailservice.tld rejects this mail, i.e. it doesn't
>> like it's content or size.
>> 4. Postfix then bounces mail to sender, which can be forged, and thus,
>> becoming a backscatterer.
>> Is there any way to prevent postfix from sending bounces anywhere?
> Hi Vasya,
> To be sure to not acting as a backscatter you will have to configure the
> front mx to be as restrictive regarding content and mail sizes as the
> final destination is. Otherwise you will see problems like the theese.
> HTH,
> Mikael