From: "Cirelle Enterprises" <[EMAIL PROTECTED]>

From: "Mark London" <[EMAIL PROTECTED]>

| I found a way for spam to be sent to someone, even if the spam rating is high.
|
| If a spammer sends a message with a FROM address that contains a real local
| address, like [EMAIL PROTECTED], and then sends it TO a fake local address, like
| [EMAIL PROTECTED], even though the original message is sent through
| spamassassin, the BOUNCED message is not, since it's delivered locally back to
| [EMAIL PROTECTED] The user gets the bounced message, with a warning that
| [EMAIL PROTECTED] doesn't exist, and the test of the original message with the
| spam follows. The spamassassin X-Spam-Level header is in the header of the
| original message, but not the header of the bounced message, so it gets past
| the mail client's header test for X-Spam-Level



This assumes you send bounces for bad/fake addresses.

Just accept all and dev/null the bad email and this is avoided, if I understand
what you are trying to accomplish.



I hope by "dev/null the bad email" you only mean the mail which has been accepted
on the external gateway with an @psfc.mit.edu sender address and that subsequently
bounces because the @psfc.mit.edu receiver address is invalid. dev/nulling any other
mail is a *bad* idea - anyway for other than personal mail systems.


Why? Because if your MTA takes delivery of a message it must either deliver it or
try to send an NDR back to the sender - this per a number of mail RFCs. Obviously
in this day and age when every second mail has a forged sender address this nice
behaviour is outdated - but it's still the valid way for MTAs to behave.


The only real answer to this problem is to refuse to accept the mail in the first
place by returning a hard 5xx error during the initial SMTP negotiation. The onus
is then on the sending server and not yours. "Accept then bounce" mailers are
a pet gripe of quite a few of the more militant anti-spam people. Whereas mail
systems in which mail silently disappears (to dev/null) is one of mine! :)


Cheers,

Tim Philip
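
The bypass described at the top of this thread, reproduced with Python's standard `email` package as an added example (not code from any poster here): the bounce carries the already-scanned original as an embedded `message/rfc822` part, so a filter that reads only the outer headers finds no `X-Spam-Level`. The addresses, subject and star count are constructed, and attaching the original as `message/rfc822` is an assumption about the MTA's bounce format.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Constructed addresses: example.org stands in for the local domain.
REAL_USER = "alice@example.org"
FAKE_USER = "nosuchuser@example.org"

def scanned_spam() -> EmailMessage:
    """Forged message after the gateway's SpamAssassin pass (constructed sample)."""
    msg = EmailMessage()
    msg["From"] = REAL_USER          # forged: a real local address
    msg["To"] = FAKE_USER            # nonexistent local address
    msg["Subject"] = "constructed spam subject"
    msg["X-Spam-Level"] = "*" * 12   # header added by the spam scan
    msg.set_content("spam body")
    return msg

def bounce_for(original: EmailMessage) -> EmailMessage:
    """Locally generated NDR: fresh outer headers, original carried as message/rfc822."""
    ndr = EmailMessage()
    ndr["From"] = "MAILER-DAEMON@example.org"
    ndr["To"] = REAL_USER            # the bounce goes to the forged sender
    ndr["Subject"] = "Undeliverable mail"
    ndr.set_content(f"{FAKE_USER}: no such user. Original message follows.")
    ndr.add_attachment(original)     # an EmailMessage attaches as message/rfc822
    # Round-trip through text so the checks see what a mail client would parse.
    return message_from_string(ndr.as_string(), policy=policy.default)

def outer_stars(msg) -> int:
    """The mail client's test from the thread: top-level X-Spam-Level only."""
    return (msg["X-Spam-Level"] or "").count("*")

def deepest_stars(msg) -> int:
    """Also inspect embedded messages; walk() descends into message/rfc822 parts."""
    return max(((p["X-Spam-Level"] or "").count("*") for p in msg.walk()), default=0)

if __name__ == "__main__":
    ndr = bounce_for(scanned_spam())
    print("outer header check:", outer_stars(ndr))      # what the client filter sees
    print("including embedded:", deepest_stars(ndr))    # score of the wrapped spam
```

Refusing the unknown recipient with a 5xx at RCPT time means no bounce is generated locally at all; the nested-header check only helps where accept-then-bounce cannot be turned off.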
