On Tue, 2008-04-08 at 12:36 -0700, ahgu wrote: > They forged the header with my email addr as the return address. > When it get bounced back by a server, everything is valid. Since the server > strip off most of the content, it can pass the spamassassin very easily. I > wonder if anyone got this problem?
Of course, it is very common. SPF does a reasonable job of stopping it, since it is not worth the spammer's time to forge when a good portion will be ditched as violating spf. the vbounce plugin is also useful for identifying the bad bounces and discarding them. Amavisd-new 2.6 has a new pen-pals feature that checks all DSN's received to see if there is a corresponding outbound e-mail. That would virtually eliminate your receipt of spoofed bounces. The other solution is to convince every computer owner in the world to replace their infected BOTs with a clean machine and stable OS, and to maintain it properly. That one has considerably higher time investments needed. -- Daniel J McDonald, CCIE #2495, CISSP #78281, CNX Austin Energy http://www.austinenergy.com
signature.asc
Description: This is a digitally signed message part
