I noticed that most e-mail messages sent by infected machines claim in ehlo or helo that their domain name is the domain name of the e-mail address they are sending to. For example, if the virus sends a message to [EMAIL PROTECTED], it claims that the message its domain name is also targetdomain.tld. Is there a way to reject only such connections that pretend to be from the targeted domain, but ip is different? (appart from toggling nodnslookup in courierd config file)
Alexandru Molodoi IT CONSULTANT, Pointersoft ROMANIA Tel: +4021 337.02.60 Mobil: +4 0723.153.833 [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
