Had most of that in my config already, but thanks for the reply. Got hit again over the weekend- 600, 000 messages. Always using the fqdn of the server, or the domain the server is part of. What should I change in my config to prevent that? The relay servers only scan mail and relay to private and public IPs: no local delivery Can provide a sterilized version of my config if that helps. On Jul 28, 2012, at 2:54 PM, Eric Crist <ecrist at secure-computing.net> wrote: > The following helped me immensely with such problems: > > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_non_fqdn_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unauth_destination, > reject_unauth_pipelining, > reject_invalid_hostname, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_rbl_client dnsbl-1.uceprotect.net, > reject_rbl_client dnsbl-2.uceprotect.net, > reject_rbl_client dnsbl-3.uceprotect.net, > reject_rbl_client list.dsbl.org, > reject_rbl_client bl.spamcop.net, > reject_rbl_client zen.spamhaus.org, > permit > > smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks > smtpd_helo_required = yes > disable_vrfy_command = yes > > I hope this helps. > ----- > Eric F Crist > > > > On Jul 28, 2012, at 14:19:51, Raymond Norton <admin at lctn.org> wrote: > >> We run mailscanners for a number of domains on our WAN. Lately, we have been hammered with 100s of thousands of spam messages, forged with bogus email addresses of our local domain or the fqdn of the relay server. Wondering what the best way is to combat this. I could possibly implement spf checking to my postfix config, or maybe a simple access list check of allowed IPs??? >> >> >> Any recommendations appreciated. >> >> >> Raymond >> _______________________________________________ >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >> tclug-list at mn-linux.org >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. >