Re: [spamdyke-users] Qmail + spamdyke + chkuser

2009-09-05 Thread Youri V. Kravatsky
Hello Eric, Saturday, September 5, 2009, 2:39:30 AM, you wrote: What subdomains are you seeing besides @www. ? Subdomains of our domains. Mail that goes to domains that are not included in the rcpthosts file is rejected. But mail to www.mydomain.com or mail.mydomain.com is accepted to

Re: [spamdyke-users] Qmail + spamdyke + chkuser

2009-09-05 Thread Eric Shubert
Youri V. Kravatsky wrote: Hello Eric, Saturday, September 5, 2009, 2:39:30 AM, you wrote: What subdomains are you seeing besides @www. ? Subdomains of our domains. Mail that goes to domains that are not included in the rcpthosts file is rejected. But mail to www.mydomain.com or

[spamdyke-users] Whitelist methods

2009-09-05 Thread Eric Shubert
I am thinking that from a security standpoint, the preferred methods of whitelisting would be by: 1) rDNS 2) IP 3) sender simply because spoofing a sender is easiest and spoofing rDNS is the most difficult. Is this correct? Are there other considerations? -- -Eric 'shubes'

Re: [spamdyke-users] Qmail + spamdyke + chkuser

2009-09-05 Thread Sam Clippinger
I can see why spamdyke is accepting messages to your subdomains -- you've whitelisted the recipients. In the full log you sent, I see this line: FILTER_RECIPIENT_WHITELIST recipient: kalugin...@www.ja-maica.ru file: /var/qmail/control/whitelist.local(84) If you're just trying to stop

Re: [spamdyke-users] check for mail from email address

2009-09-05 Thread Sam Clippinger
I agree -- just change the user's password. That would be much, much simpler than trying to block this kind of attack with spamdyke, which is not designed to restrict authenticated users. -- Sam Clippinger Eric Shubert wrote: Is the undesirable email coming from the compromised computer, or

Re: [spamdyke-users] Feature request - whitelist SPF

2009-09-05 Thread Sam Clippinger
I don't see why this can't be done. Once SPF support is added, it should be pretty trivial to add a flag to control what spamdyke does with it. -- Sam Clippinger Eric Shubert wrote: Eric Shubert wrote: Hey Sam (et al), I just came across a situation where I wanted to whitelist a

Re: [spamdyke-users] Whitelist methods

2009-09-05 Thread Sam Clippinger
If secure means hardest for a spammer to exploit, then I would say whitelisting IP addresses would be the most secure. Spoofing IPs is not impossible but well beyond what most spammers can do. Spoofing an rDNS name is actually pretty easy -- if I control my own rDNS, I can set those records

Re: [spamdyke-users] Feature request - whitelist SPF

2009-09-05 Thread Eric Shubert
I would think that SPF would be fairly easy to implement. There are libraries available (http://www.openspf.org/Implementations). I'm just looking at this as a more secure (and lazy) way to whitelist a domain. ;) Is there something I can do to help move this along? Sam Clippinger wrote: I

Re: [spamdyke-users] Qmail + spamdyke + chkuser

2009-09-05 Thread Youri V. Kravatsky
Hello Sam, Saturday, September 5, 2009, 10:11:03 PM, you wrote: I can see why spamdyke is accepting messages to your subdomains -- you've whitelisted the recipients. In the full log you sent, I see this line: FILTER_RECIPIENT_WHITELIST recipient: kalugin...@www.ja-maica.ru file: