|
I am resending this as I did not get any responses
to it. Any ideas from anyone? Please? I am running several virtual hosts on my James
server and have recently become aware of spam/virus emails arriving to
addresses on the server that are spoofing the Return-Path and From headers. Ex:
legitimate destination address "[EMAIL PROTECTED]" getting email from non
existent (or possibly real if they are lucky guessers)
"[EMAIL PROTECTED]". I have recently started using spamd and Josh
Parreco's spamassassin mailet and have found his SenderHostIsNotLocal matcher
to be insufficient to identify that the sender is fake because it simply checks
to see if foo.com is a local address. I have modified James to view my
configured virtual hosts as local. That being the case, I would like to force
an additional check that looks at the sending server to see if it is one of
ours or not. In that case, if the from user was not legit I could ghost the
message or whatever I decide to do with it. I have found the
"RemoteAddrNotInNetwork" matcher and assume I could setup another
processor block to check all of these conditions, but I wanted to make sure
that I am not overlooking some other matcher that already does any of this.
Please let me know if I am not being clear on the problem. Thanks in advance
for advice. |
- fake sender spoofing local domain John Glorioso
- RE: fake sender spoofing local domain Noel J. Bergman
