Peter wrote: > Thank you for your answer.but we have our domain on several > Mailservers. this means that we could not send from one server through > the other if we would do it as you describe.
Not so. You simply have to let Postfix know which clients can be trusted to not spoof the sender. smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination [... other stuff ...] check_client_access cidr:/etc/postfix/trusted_to_not_fake check_sender_access hash:/etc/postfix/disallow_my_domain in hash:/etc/postfix/disallow_my_domain you have: example.com 554 example.com is the sender? I don't think so. in /etc/postfix/trusted_to_not_fake you have: # Networks or clients (not already in mynetworks or authenticated) # that I trust to not fake sending domain. 666.55.55.0/24 OK You will want to list those last two restrictions last (absolutely after reject_unauth_destination). Note that Postfix works on the envelope address, so it is still possible to see mail with your domain stuffed into the From: header. > Do you think it's not possible with a policy_bank ? Not that is apparent to me. > I tried it but I doesn't work. the policy get's loaded but doesn't do > anything. > Is there a solution on amavisd ? The only one I can think of is to create a SpamAssassin meta rule for each and every single recipient, but this may prevent users from sending mail to themselves and would also be very inefficient. Who knows, maybe thousands of these would bring your system to its knees. header __FROM_USER1 From =~ /[EMAIL PROTECTED]/i header __T0_USER1 To =~ /[EMAIL PROTECTED]/i meta TO_FROM_USER1 (__FROM_USER1 && __T0_USER1) score TO_FROM_USER1 5.0 header __FROM_USER2 From =~ /[EMAIL PROTECTED]/i header __T0_USER2 To =~ /[EMAIL PROTECTED]/i meta TO_FROM_USER2 (__FROM_USER2 && __T0_USER2) score TO_FROM_USER2 5.0 This also would not hit if [EMAIL PROTECTED] was sending mail to [EMAIL PROTECTED], so it is of very limited use. You can't trim it down to just the domain because *any* mail from @example.com to @example.com would get hit. I could be wrong but I think the Postfix solution is the only way. > best regards > peter Also read http://www.caliburn.nl/topposting.html >> Hi >> I am trying to fight those mails with the same sender end recipient. >> It means that a lot of mails coming in with dsn undilivered with the >> same sender and recipient. I tried to catch them with policy_bank >> MYUSERS ... >> Do not send a dsn if the domain is locale. >> Amavis loads the policy but it doesn't work. does mysql-policy or >> something else overwrite this policy ? >> Or is there another possibiliy to fight against those annoing mails ? >> peter > Or in broader terms, mail sent from outside your domain that uses your > domain as the sending domain. > If you are using Postfix, this has been discussed many times on the > Postfix mailing list. Here I search for 'breaks forwarding' (which the > solution does). > http://marc.theaimsgroup.com/?l=postfix-users&w=2&r=1&s=breaks+forwarding&q=b Gary V ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
