Hi,
We have the same problem, but less luck finding the right configuration to solve it.
We receive thousands of backscatter bounces everyday from spam forged as if it was sent from one of our few domains. It would be very desirable to dump or block these messages before they are forwarded to an email server hosting our user accounts that must archive everything. The settings for Spam Detector Configuration, Backscatter, Bounce message score is set to 5 and the valid whitelist bounce relays are entered. For good measure the /etc/mail/spamassassin/custom.cf also has the lines:
whitelist_bounce_relays our_relays_separated_by_a_space
score ANY_BOUNCE_MESSAGE 5
The setting were saved and the server rebooted. There seems to be no effect on the amount of these backscatter bounces. We also use SPF. Perhaps I missed a step or concept.
Our mail gateway filters out the spam and then relays to another email server hosting all of the users. If a Proxmox mail gateway rule could be created to block all email for users who are "not" listed in a Who Object filled with our users/aliases, perhaps this would solve the problem. Does this sound right? If yes, is there a way create a rule using a "not" condition to block email for anyone not in a Who Object?
Thanks,
Jeff