> From: UEDA Hiroyuki <[EMAIL PROTECTED]> > Date: Thu, 22 Apr 2004 15:07:51 +0900 > > Hi, all. > > > > I want to be able to tell qmail(-ldap) on my firewalls to reject mail which > > claims to come from a user on any host in rcpthosts if the sender is not on my > > private network. > > Why don't you use SENDERCHECK :-)?
I have multiple sites on the private network and each site has it's own LDAP server. The firewalls have all the internal sites in their rcpthosts. To use SENDERCHECK I would need to query multiple LDAP servers (some of which are across VPNs). With my proposal, we only need to look in the rcpthosts.cdb file. This came up because one of my clients has been getting SPAM recently which claims to be from <randomaddress>@mydom.ain. I *think* some spammer is noticing other domains on the same name server and using them as the host in the source address in order to get past more filters. If I could have his firewall filter mail from my domain which did not come over the VPN, I'd be able to eliminate that junk. I find SPAM that goes to my clients and claims to come from my domain to be especially irksome and it's isn't always easy to explain how little control I have over that mail. This would give me control over that mail by blocking it on the first box under my control that it hits. Chris -- Chris Garrigues http://www.DeepEddy.Com/~cwg/ Trinsic Solutions http://www.trinsics.com 1611-B West 6th Street Austin, TX 78703-5074 512-322-0180 If you don't apply what you've learned, you haven't learned anything.
pgp00000.pgp
Description: PGP signature
