I'm running sendmail 8.11 on a Solaris server. The server has a single interface and sits in my DMZ. I'm trying to find a way to block inbound mail with my domain spoofed as the sender. The scenario turned up when a person I know received spam with the sender being spoofed showing [EMAIL PROTECTED] and recipient being [EMAIL PROTECTED] After inspecting the mail headers, we discovered that the source IP was definitely external. We've scoured sendmail.org, arachnoid.com, cauce.org and all the books we have and could not find this scenario speifically mentioned.
Problems/Questions 1. If we block spammers by domain as recommended at http://www.arachnoid.com/lutusp/antispam.html#filter_forwarding, how do we get around our internal users being blocked from sending mail out? 2. Does anyone know of a way to check the network that a specific domain is sending from? This way we could look at mydomain.com and compare it to a specific subnet that we allow. Thanks in advance for your help. Jim
