Hello Eric,
Saturday, September 5, 2009, 2:39:30 AM, you wrote:
What subdomains are you seeing besides @www. ?
Subdomains of our domains. Mail that goes to domains that are not
included to rcpthosts file is rejected. But mail to www.mydomain.com or
mail.mydomain.com are accepted to
Youri V. Kravatsky wrote:
Hello Eric,
Saturday, September 5, 2009, 2:39:30 AM, you wrote:
What subdomains are you seeing besides @www. ?
Subdomains of our domains. Mail that goes to domains that are not
included to rcpthosts file is rejected. But mail to www.mydomain.com or
I am thinking that from a security standpoint, the preferred methods of
whitelisting would be by:
1) rDNS
2) IP
3) sender
simply because spoofing a sender is easiest and spoofing rDNS is the
most difficult.
Is this correct?
Are there other considerations?
--
-Eric 'shubes'
I can see why spamdyke is accepting messages to your subdomains -- you've
whitelisted the recipients. In the full log you sent, I see this line:
FILTER_RECIPIENT_WHITELIST recipient: kalugin...@www.ja-maica.ru file:
/var/qmail/control/whitelist.local(84)
If you're just trying to stop
I agree -- just change the user's password. That would be much, much
simpler than trying to block this kind of attack with spamdyke, which is
not designed to restrict authenticated users.
-- Sam Clippinger
Eric Shubert wrote:
Is the undesirable email coming from the compromised computer, or
I don't see why this can't be done. Once SPF support is added, it
should be pretty trivial to add a flag to control what spamdyke does
with it.
-- Sam Clippinger
Eric Shubert wrote:
Eric Shubert wrote:
Hey Sam (et al),
I just came across a situation where I wanted to whitelist a
If secure means hardest for a spammer to exploit, then I would say
whitelisting IP addresses would be the most secure. Spoofing IPs is not
impossible but well beyond what most spammers can do. Spoofing an rDNS
name is actually pretty easy -- if I control my own rDNS, I can set
those records
I would think that SPF would be fairly easy to implement. There are
libraries available (http://www.openspf.org/Implementations).
I'm just looking at this as a more secure (and lazy) way to whitelist a
domain. ;)
Is there something I can do to help move this along?
Sam Clippinger wrote:
I
Hello Sam,
Saturday, September 5, 2009, 10:11:03 PM, you wrote:
I can see why spamdyke is accepting messages to your subdomains --
you've whitelisted the recipients. In the full log you sent, I see this line:
FILTER_RECIPIENT_WHITELIST recipient: kalugin...@www.ja-maica.ru
file: