I get a lot of spam that pretends to be bounce messages but aren't. I
can accept the message and run it through Spamassassin, but that creates
a lot of system load. So I'm trying out a trick I thought of that seems
to be working.
What I'm doing is that when the from is <> empty I do I DEFER on the
main lowest MX server, but I accept and spam filter empty senders on the
backup server.
The idea is that a real bounce message will retry and the spmmers won't.
It's sort of like selective gray listing. I put this code in the
acl_smtp_data acl so that it won't interfere with sender verification
from other servers.
.ifdef LOWEST_MX
# This forces bounce message spammers to retry.
defer message = DEFER - Bounce messages to back door
senders = :
.endif