In article <ruYtj.6515$xq2.272@newssvr21.news.prodigy.net>, Bill Gee wrote:
> Thanks, Cameron. I suspected "postmaster" was a special case.
>
> I have chosen to handle it outside of Postfix. I *never* receive legitimate
> email to that address, so I set up an inbox rule that automatically deletes
> anything addressed to postmaster. The volume of messages is not high
> enough to affect performance of my mail server.

You'll get away with that on a personal or hobby server.
But it's dangerous, because high quality spam reports probably
won't be addressed anywhere but postmaster@ and abuse@. RFC2142.
People who go to the trouble of reporting spam won't do the
extra work of figuring out some unusual way to contact you.
So if you have a weak SMTP AUTH password stolen/guessed,
or $Diety forbid you get rooted, you're blocking one of
the main ways you'd find out you're sending abuse.



> I, too, have set up a large number of addresses in the access.db table. I
> knock out all of the Latin America and most of the Asia/Pacific addresses
> at their Class A number. I have no email correspondants in those regions
> of the world. The postfix logs show roughly 30 to 50 messages per day
> blocked from those addresses. It shows in the range of 200 messages per
> day blocked from servers with invalid names, invalid MX records or no DNS
> entry.

I've got a few /8s blocked, but most of them have too many
non-abusive holes. My users get legitimate email from Australia,
Japan, and Argentina, unfortunately. It wouldn't bother
us if Russia and Turkey were entirely disconnected from
the Internet.

200 bad DNS contacts per day? I'm getting that many per minute.
and that's not counting what bounces off the netfilter.
Which reminds me to ask about selective logging in a new thread.


Cameron