to:[EMAIL PROTECTED] Sent: Friday, September 19, 2003 3:04
PMTo: [EMAIL PROTECTED]Subject: Re:
[Declude.JunkMail] blocking spam faked as coming from local a ddress ddress
ddress ddress
We whitelist the IP address of any system we
permit to relay through our IMail server, and all o
: [Declude.JunkMail] blocking
spam faked as coming from local a ddress ddress ddress ddress
Bill,It's because it is very rare that you see spam
faking your address, 0.1% from a recent test, and much more common that false
positives will be created as was noted. I was able to monitor this
beh
Bill,
It's because it is very rare that you see spam faking your address,
0.1% from a recent test, and much more common that false positives will
be created as was noted. I was able to monitor this behavior because
unfortunately the DYNAMIC filter catches but doesn't score intra-server
domain
- Original Message -
From: Matthew Bramble
> I highly recommend not filtering the fake MAILFROM for your local domains.
Why not? I don't actually do this, rather I use SPAMDOMAIN instead. But I
don't see a problem doing it with MAILFROM in a filter file either.
Bill
---
[This E-mail
I get more valid E-mail's faking the from to look like it's from one of
my users than I get in actual spam that is doing this. In a recent
test of 5,530 unique incoming messages, only 6 spammers tried to look
as if it was coming from my server, that's only 0.1%. It all failed as
well.
I high
Title: Message
I should
add:
If you want to go
the extra mile and say:
MAILFROM 20
ENDSWITH wcnet.net
Then you'll find
that works great against spammers who fake their mailfrom address so it looks
your own name (or say, [EMAIL PROTECTED] while trying to send
to you!), but:
You'll a
Title: Message
According to
external DNS, you only have one mail host.
For starters, you
can whitelist your own IP. And if that server is the only machine of yours
that is going to identify itself as wcnet.net,
HELO 20
ENDSWITH wcnet.net
should do nicely
until someone called mail.n