Re: [exim] Denying spam with forged from

Inizio della pagina
Questo messaggio è parte di questo thread:
M+--+\il thread completo ordinato per data
MM..MMW B Hacker at <-
.M+\Patryk Rzadzinski at ->
Delete this message
Reply to this message
Autore: Dave Pooser
Data:  
To: Exim-users
Oggetto: Re: [exim] Denying spam with forged from
> it forges the from field to my own hostname, which is of course in
> the
whitelist of spamd (it has to be,

No, actually it *doesn't* have to be, and the folks over at the SpamAssassin
mailing list consider whitelisting your own domain to be one of the most
common and most significant errors you can make.

The best approach is to simply exempt authenticated users from SpamAssassin
checks, force all your users to use SMTP AUTH, and watch the problem go
away.

> So to block
it I've added an acl check that would compare return-path field
> and the
from field. If they are different, it most probably is spam.

Like, say, this very message coming from this mailing list, which has
mismatching return-path and from?
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broadside, thoroughly used up, worn out, leaking oil, and
shouting GERONIMO!!!" -- Bill McKenna



Questo messaggio è stato inviato alle seguenti mailing lists:
Exim-users
Informazioni sulla Mailing List | Messaggi correlati		<-Re: [exim] Denying spam with forged fromRe: [exim] Building virtual domain on multiple mail server->
Tahini and Hummus and Cumin Development Archives amministrato da cumin AdminsLurker (versione 2.3)