LuKreme a écrit : > On 24-Aug-2009, at 08:28, Daniel L'Hommedieu wrote: >> The one bit of spam I'd like to stop, and I seem to remember seeing >> talk of it at some point (but I've been unable to find it again) is >> the spam appears to be "from me to me." That is, the spammers who use >> my email address as the from address. Those emails get past the relay >> and auth checks because the mail is not being relayed. If I could >> stop that spam, it would probably kill 100% of my spam. > > The best way to deal with 'from me to me spam' in my opinion is to > implement SPF, then you can either reject SPF-fail, or hand mail to Spam > Assassin and score SPF fail up. That is, unless you are REALLY sure that > no one on your domain will ever send mail to themselves. > >
If you ever want to block this, there is absolutely no reason to check dns. you know what domains are yours so you can simply use an access list: check_sender_access hash:/etc/postfix/mydomain == mydomain example.com REJECT you cannot send on behalf of example.com .example.com REJECT you cannot send on behalf of example.com please do not advocate SPF on this list. check the archives and you'll see that it is taboo here.
