On Sat, 2004-04-10 at 13:13, Jaimie Livingston wrote: > > ...Maybe you could try tracing down > > the relaying server and alert them? > > This brings up a question that I've wondered about before... > In situations like this, is it possible with Sendmail, Postfix, or other > technology to automatically bounce back ONE of the offending messages for > EACH spoofed address back to the relaying domains Mail Admin (rather than > the spoofed user address), and then reject or discard subsequent offending > messages from that domain for a set period of time? How might this work with > trojans that carry their own stipped down MTA? > > > Jaimie > Yes, OpenBSD has a script for doing this. I prefer MailScanner's setup of identifying the virus and then only sending back a bounce if the virus does not spoof the address.
Jon -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
