A bit about my setup:
I have Postfix running on my firewall, which is relaying emails to our Lotus Notes server.
For the past 6 days we've been receiving at least 200 msgs/min (up to 1400/min) of backscatter email (typical rejected email is 10/min for my server). This brought the server to a halt the first day, so I blocked null senders (<>). Obviously this isn't good, since now my users won't get notices if they email incorrect addresses.
I've been googling for days and have put several policies in place, but still, if spammers use our valid user email addresses when bouncing spam off of other servers, and those servers have proper DNS records and make it past my spam filter, then my users will be getting a lot of email.
I see my two choices as being either to continue blocking <> from any source, or to have an allow list with a list of all my valid email users, but even then, that only prevents backscatter to non-valid users.
Is there anything anyone has done to solve these problems? Some database that maintained outbound email and would only allow bounces from domains that were emailed would be nice, but Google came up with nothing.
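The outbound-tracking idea raised at the end of the question, as an added example that is not part of the original post: a decision function for a Postfix policy-delegation service that accepts a null-sender bounce only when the recipient recently mailed a domain the connecting client belongs to. The store, the five-day window, the function names and the `example` addresses are assumptions made for illustration.

```python
import time

TTL_SECONDS = 5 * 24 * 3600  # assumed: how long after sending a bounce is plausible
outbound_seen = {}           # (local sender, remote domain) -> last send time

def record_outbound(sender, recipient, now=None):
    """Record one relayed outbound message (fed from the relay's own logs)."""
    now = time.time() if now is None else now
    domain = recipient.rsplit("@", 1)[-1].lower()
    outbound_seen[(sender.lower(), domain)] = now

def parse_policy_request(text):
    """Parse the name=value attribute lines Postfix sends to a policy service."""
    attrs = {}
    for line in text.splitlines():
        if "=" in line:
            name, value = line.split("=", 1)
            attrs[name.strip()] = value.strip()
    return attrs

def emailed_recently(local_user, client_name, now):
    """True if local_user mailed a domain that client_name belongs to."""
    for (user, domain), sent_at in outbound_seen.items():
        if user != local_user or now - sent_at > TTL_SECONDS:
            continue
        # Limitation: a bounce relayed by a third-party host will not match.
        if client_name == domain or client_name.endswith("." + domain):
            return True
    return False

def policy_decision(text, now=None):
    """Return the policy reply line for one RCPT-stage request."""
    now = time.time() if now is None else now
    attrs = parse_policy_request(text)
    if attrs.get("sender", ""):
        return "action=DUNNO"            # not a bounce: leave to other checks
    user = attrs.get("recipient", "").lower()
    client = attrs.get("client_name", "unknown").lower()
    if emailed_recently(user, client, now):
        return "action=DUNNO"            # bounce from a domain this user mailed
    return "action=REJECT bounce does not match any recent outbound mail"

# Constructed sample request (null sender, so the sender attribute is empty).
SAMPLE = ("request=smtpd_access_policy\nprotocol_state=RCPT\nsender=\n"
          "recipient=alice@example.com\nclient_name=mx1.partner.example\n\n")

if __name__ == "__main__":
    record_outbound("alice@example.com", "bob@partner.example")
    print(policy_decision(SAMPLE))
```

Matching on the client's hostname means legitimate bounces sent through a third-party relay are rejected, so a check like this trades some missed delivery notices for dropping backscatter addressed to valid users.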