*.com and *.net? Yay Postfix!

From: Jason Fesler (jfeslergigo.com)
Date: Mon Sep 15 2003 - 18:33:18 CDT


Some of you may have seen articles about Verisign effectively
answering for *.com and *.net, for any domain name that is not
otherwise registered. I'm particularly concerned
about spammers who use fake domain names all of a sudden getting
past the sender checks in postfix.

Wietse++ for the policy daemon code he added. Wietse, you kick ass.

I've created a filter that specifically compares sender addresses against
bogus .net lookup addresses, and if the sender matches that wildcarded
IP, reject the mail.

http://gigo.com/ftp/pub/src/mfpitgdav.pl

(The acronym for that is an exercise for the reader; the one I'll give you
is that "v" stands for Verisign...)

This *REQUIRES* a snapshot that has README_FILES/SMTPD_POLICY_README
in the tarball. Period.

This does work for me; in a few days I'll report back on the overall
effectiveness. Now that the cat's out of the bag with respect to
Verisign I just wanted to provide some remedy from a postfix/anti-spam
perspective.

[Please don't turn this thread into a "Why did they do this??!?!", save it
for slashdot.]

--
 Jason Fesler, <jfeslergigo.com> http://gigo.com/resume.html
 "Give a man fire, and he'll be warm for a day;
 set a man on fire, and he'll be warm for the rest of his life."
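
The check described in the message above, sketched as an added example; it is not the author's mfpitgdav.pl and not Postfix code. It assumes the wildcard address is discovered by resolving a random label under each TLD; the function names, the sample request and the reject text are hypothetical, and the resolver is injectable so the logic can be exercised offline.

```python
import secrets
import socket

WILDCARD_TLDS = ("com", "net")  # the TLDs the post says were wildcarded

# Constructed sample request in the SMTPD_POLICY_README name=value format.
SAMPLE_REQUEST = (
    "request=smtpd_access_policy\n"
    "protocol_state=RCPT\n"
    "sender=offers@no-such-domain-zz.net\n"
    "\n"
)

def resolve_a(name):
    """Return the set of IPv4 addresses for name (empty set on failure)."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)}
    except (socket.gaierror, UnicodeError):
        return set()

def wildcard_addresses(resolver=resolve_a):
    """Probe a random label per TLD; any answer is a registry wildcard."""
    found = set()
    for tld in WILDCARD_TLDS:
        found |= resolver("probe-%s.%s" % (secrets.token_hex(16), tld))
    return found

def parse_request(text):
    """Parse one policy request: name=value lines up to the empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs

def decide(attrs, wildcards, resolver=resolve_a):
    """Return the policy reply (action line plus terminating empty line)."""
    local, at, domain = attrs.get("sender", "").rpartition("@")
    domain = domain.lower().rstrip(".")
    if not at or not domain:
        return "action=DUNNO\n\n"  # null sender (bounce): not our call
    answers = resolver(domain)
    # Reject only when every address is a wildcard answer; lookup failures
    # and real hosts fall through to the remaining restrictions.
    if answers and answers <= wildcards:
        return "action=REJECT Sender domain %s is not registered\n\n" % domain
    return "action=DUNNO\n\n"
```

A real policy service would wrap `decide()` in the socket loop that SMTPD_POLICY_README describes and refresh the wildcard set periodically, since the probe result changes if the registry changes or withdraws the wildcard.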