I don't know if the subject is correct:
There are a lot of viruses and phishers that send messages with From
as info@mydomain or admin@mydomain or main@mydomain and so
on. All these messages are surely fake, since no one sent messages
with those messages.
I request help on a way to refuse all messages that:
Option 1: Have as a From an address that could not be routed to [note
that besides the local users, among the legal addresses there are also the
First.lastname@mydomain (from /etc/aliases) but also a lot of routers
that act based on the prefix (so for certain of these prefixes everything
that follows it is legitimate), not forgetting the mailman lists...]
In short: Exim should get the message (since the From: field is in the
headers of the message, I would not care about the address given in the mail
from: line), then look if it could deliver to the From: address [if it could be
directed to another server it is considered OK]
Option 2: if option 1 is too difficult or heavy for the server, just use
a list of forbidden senders. However, it should always be taken from the
From: header that is displayed to the user, not from the one given in
the mail from phase!
In both cases messages should be refused.
--
Leonardo Boselli
Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile
Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze
tel +39 0554796431 cell +39 3488605348 fax +39 055495333
http://www.dicea.unifi.it/~leo
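
One way to express both options in an Exim DATA-time ACL, as an added example that is not part of the original post. It assumes the named domain list `local_domains` (as in the default configuration) covers mydomain, and `/etc/exim/forbidden_from` is a hypothetical file path.

```exim
# Added example, not from the original post.
# Assumptions: the named domain list "local_domains" contains mydomain;
# /etc/exim/forbidden_from is a hypothetical file holding one lower-case
# address per line (info@mydomain, admin@mydomain, ...).

# Main section: run this ACL once the headers and body have been received.
acl_smtp_data = acl_check_data

# ACL section (merge into the existing "begin acl" part of the configuration).
acl_check_data:

  # Option 2: static list of forbidden From: header addresses.
  # $h_from: is the header shown to the user, not the MAIL FROM envelope.
  deny
    message   = From: header address is not accepted here
    condition = ${lookup{${lc:${address:$h_from:}}}lsearch{/etc/exim/forbidden_from}{yes}{no}}

  # Option 1: From: claims one of our own domains, but the routers
  # (aliases, prefix routers, mailman) cannot route that address.
  # The address is run through the routers in verify mode, so anything a
  # router would accept or pass to another server counts as valid.
  deny
    message   = From: header address cannot be routed
    condition = ${if match_domain{${domain:${address:$h_from:}}}{+local_domains}}
    !verify   = sender=${address:$h_from:}

  accept
```

From: addresses in other domains are left alone by the second statement, and routers set to `no_verify` are skipped during the check. A fake SMTP session with `exim -bh` shows which statement fires without delivering anything.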