Date: Sun, 11 Sep 2011 17:02:58 -0700 (PDT) From: John Hardin <jhar...@impsec.org> To: users@spamassassin.apache.org Subject: Re: How to get rid of spam with From spoofed to my own domain
On Sun, 11 Sep 2011, René Berber wrote: > On 9/11/2011 3:47 PM, rutra80 wrote: > > > Hello, lately I receive spam which looks like coming from my domain, > > sometimes it is spoofed like coming from accounts that don't exist, and > > sometimes from the ones that really do. The only SA rule that it triggers is > > Bayesian one, with nearly 100% probability - it assigns 3.5 points, but my > > rejection limit is set to 4.5 and I'm not eager to lower it. What would be > > the most elegant and technically correct way to get rid of the problem? > > 1. Require authentication. > > 2. SPF. > 3. If your domain's mail will only ever originate from your MTA, then set up your MTA to reject any > mail having a From address in your domain unless it comes from your trusted network(s). > John Hardin -- My MTA is Sendmail and I use Milter-Regex which can compare against the server's proper IP address and reject any that "You are not me". Not sure if this fits your issue, but sounds like it. If not using Sendmail, then something "like" milter-regex perhaps. Jack (^_^) Happy trails, Jack L. Stone System Admin Sage-american
