Author: Dave Pooser Date: To: Exim-users Subject: Re: [exim] Denying spam with forged from
> it forges the from field to my own hostname, which is of course in > the whitelist of spamd (it has to be,
No, actually it *doesn't* have to be, and the folks over at the SpamAssassin
mailing list consider whitelisting your own domain to be one of the most
common and most significant errors you can make.
The best approach is to simply exempt authenticated users from SpamAssassin
checks, force all your users to use SMTP AUTH, and watch the problem go
away.
> So to block it I've added an acl check that would compare return-path field > and the from field. If they are different, it most probably is spam.
Like, say, this very message coming from this mailing list, which has
mismatching return-path and from?
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broadside, thoroughly used up, worn out, leaking oil, and
shouting GERONIMO!!!" -- Bill McKenna