A recent bout of spam illuminated an issue that I would like to eliminate.
The SMTP gateways I run MIMEDefang on both relay messages to internal hosts as
well as act as local hosts for the institutional e-mail address format. An
anti-spam package ahead of these SMTP gateways tags each incoming message with
a 'spam score' if this score is higher than either the defaults or the
recipient's personal settings, the message is quarantined, shunted to a
seperate server for viewing or releasing, and eventual automatic deletion.
The spammer sent out massive amounts of mail to bogus accounts @ our
institutional address domain. The result was that despite sendmail indicating
to the sending host that an e-mail address was invalid, that address was
included as a recipient in the MIMEDefang COMMANDS file. Once there, the
message was acted on as if the address was a valid one and mail would be
quarantined for a non-existant user.
I haven't yet been able to track down whether it is MIMEDefang including the
these invalid addresses, or sendmail passing them on to the milter as if they
were indeed valid.
Does anyone know what I might be able to do to eliminate these invalid
addresses from appearing in the COMMANDS file?
-- James
o o o o o o o . . . _______________________ ________=======_T___
o _____ |James Madill | |Duke U. Health Sys|
>.][__n_n_| D[ ====|____ |[EMAIL PROTECTED]| | (919) 668-2411 |
(________|__|_[____/____]_|_____________________|_|__________________|
_/oo O-O-O ` oo oo 'o^o^o o^o^o` 'o^o o^o`
-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
<http://www.duke.edu/~madil001/>
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
