Hi David, > isn't it a quite usual method to send mails to yourself, to keep a copy > or something? If you really want to do this, check also if the sending
I think not is not usual. Why would someone send from own mailbox to same mailbox same mail what he already have it in mail-inbox? Yes I do send e-mails to myself but with diferent Sender address usualy from other e-mail to my main e-mail address. Even in this case sender and recipient aren't same. With 99.9% probablity when sender and recipient are same then it is SPAM. And I did say we have perimeter SMTP inbound relay so only e-mails from foreing servers are received by that server. In this case it is always SPAM, because sender form foreing server can't have same e-mail as our local user. In rare case if user from our server sending e-mail directly to self then it will never hit SPAMDYKE check because it will be local delivery. SMTP where SPAMDYKE intercept messages is only for inter server mail transfer (ie. is resposible for handling inter-domain mails). Internal mails are handled by server without using SMTP where SPAMDYKE doing check. In your scenario I guess there can't be case when it would hit SPAMDYKE check. I believe you don't allow open SMTP-relay from client computers (making open relay). You always want user authentication from e-mail clients using your mail server. In that case when SMTP transfer is authorized SPAMDYKE don't doing any check. Cheers Eduard [email protected] wrote on 07.05.2009 11:11:44: > Yes, but in this case i am authenticated. > > Von: David Stiller <[email protected]> > Antworten an: spamdyke users <[email protected]> > Datum: Thu, 7 May 2009 11:03:49 +0200 > An: spamdyke users <[email protected]> > Betreff: Re: [spamdyke-users] Posibility to blacklist messages where > sender and recipient are exactly same > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Ulrich C. Manns schrieb: > > @Sam Clippinger > > > > Hi Sam, > > > > my whishes: > > > > 1. A new parameter to reject emails if sender=recipient (because > > we?re hosting many domains an Eduard method won?t work for us) > > Hi Ulrich, > > isn't it a quite usual method to send mails to yourself, to keep a copy > or something? If you really want to do this, check also if the sending > mx is not local domain, regardings this i would think that spamdyke > might deny such a mail anyway with the reverse dns lookup checks. > > > 2. SPF .... (DENIED_SPF) > > 3. MySQL extension from haggybear.de > > > > > > Regards, > > Ulrich > > > > ------------------------------------------------------------------------ > > *Von: *Eduard Svarc <[email protected]> > > *Antworten an: *<[email protected]>, spamdyke users > > <[email protected]> > > *Datum: *Wed, 6 May 2009 10:29:11 +0200 > > *An: *spamdyke users <[email protected]> > > *Betreff: *Re: [spamdyke-users] Posibility to blacklist messages where > > sender and recipient are exactly same > > > > > > Hi Ulrich, > > > > thanks for idea and it works. I did add into > > /etc/spamdyke.d/sender-blacklist-file all our local domain in form: > > > > @intertech.cz > > > > and now SPAMDYKE works as I do expecting: > > > > May 6 10:23:29 fw spamdyke[27819]: DENIED_SENDER_BLACKLISTED from: > > [email protected] to: [email protected] origin_ip: 89.189.3.74 > > origin_rdns: lissant.kis.ru auth: (unknown) > > > > Heureka! I hope it will helps someone else than me. But it is perfectly > > what I do expect to happens. > > > > Eduard > > > > [email protected] wrote on 06.05.2009 09:51:17: > > > >> > >> Dear Ulrich, > >> > >> I guess it couldn't be denied by DENIED_IP_IN_RDNS because > > s0106000625a2b407 > >> is not hexadecimal representation of IP address. I pick may be wrong > >> example there are partially regular reverse DNS too where sender and > >> recipent are same like: > >> > >> May 6 09:35:03 fw spamdyke[27053]: ALLOWED from: @domain.cz to: > >> @domain.cz origin_ip: 95.48.168.162 origin_rdns: jum162.internetdsl. > >> tpnet.pl auth: (unknown) > >> > >> Thanks to your answer to another thread I got idea how to block > >> these messages. I could put our domain in sender-blacklist-file and > >> it will definetely stop all messages containing SPAM with fake > >> sender from our domain. Users using another mail server for outgoing > >> mail and that mail will never reach perimeter SMTP server where > >> SPAMDYKE does run. > >> > >> Thnak you! > >> Eduard > >> > >> "Ulrich C. Manns" <[email protected]> wrote on 06.05.2009 08:59:15: > >> > >> > I think this should be a new parameter in the config for the next > > version? > >> > > >> > But this should be rejected with DENIED_IP_IN_RDNS with .net in the file > >> > ip-in-rdns-keyword-blacklist-file? > >> > > >> > Von: Eduard Svarc <[email protected]> > >> > Antworten an: <[email protected]>, spamdyke users <spamdyke- > >> > [email protected]> > >> > Datum: Wed, 6 May 2009 08:32:10 +0200 > >> > An: spamdyke users <[email protected]> > >> > Betreff: [spamdyke-users] Posibility to blacklist messages where > >> > sender and recipient are exactly same > >> > > >> > > >> > Dears, > >> > > >> > I'm looking for right place where I could reject messages containing > >> > with 100% probability SPAM. These messages I could easily indetify > >> > as SPAM because sender and recipient are exactly same. My server is > >> > perimeter SMTP relay only. In this case is not simply possible that > >> > he could deliver this kind of messages. In case when user of local > >> > domain acidentaly sending message to self it would be handled by > >> > main mail server not by perimeter SMTP server. > >> > > >> > I would like simply DENY all messages like these: > >> > > >> > May 6 06:57:48 fw spamdyke[23773]: ALLOWED from: [email protected] to: > >> > [email protected] origin_ip: 24.84.53.252 origin_rdns: > >> > s0106000625a2b407.vc.shawcable.net auth: (unknown) > >> > > >> > TIA > >> > Eduard > >> > _______________________________________________ > >> spamdyke-users mailing list > >> [email protected] > >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > spamdyke-users mailing list > > [email protected] > > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkoCo/UACgkQWFnhIgg1RRqTNACbBNfHIJG1Yx/R/r6u+9jTUauu > uU4Aniv3KM2exZi+j9NEgq4j345stnBO > =E1gw > -----END PGP SIGNATURE----- > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
