On Fri, Dec 02, 2005 at 11:08:21PM +0000, Phil wrote: > This can also happen without TMDA, by exploiting bounces that attach > the full spam body. Ideally, qmail would reject the email at the smtp > level I suppose, but with wildcard users that is not possible (?)
You should check on the qmail lists, but IIRC qmail doesn't have the ability to do the sort of processing you want during SMTP sessions. Postfix does, which may be a sufficient reason to switch over if you're going to use catch-all addresses. Another option may be to put all your catch-all mail into a non-TMDA protected inbox, and only run mail to known addresses through TMDA. You'll get more spam that way, but you'll avoid Joe-jobbing someone else; and let's be honest: 99% of traffic coming to a catch-all address is going to be spam anyway. > I should implement other anti spam measures like spamassasin and spf > maybe. Any advice? SPF isn't an anti-spam measure; it only protects against Joe-jobs. -- Re-Interpreting Historic Miracles with SED #141: %s/water/wine/g _____________________________________________ tmda-users mailing list ([email protected]) http://tmda.net/lists/listinfo/tmda-users
