OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Challenging Local Sender/Recipient Spam

From: mouss (moussnetoyen.net)
Date: Fri Mar 07 2008 - 07:04:41 CST


Gary C. New wrote:
> We are having an issue with spammers making raw socket
> connections to our postfix server, spoofing one of our
> mynetworks domains, and having the server deliver it
> to a valid recipient in the same mynetworks domain.
> We have smtp auth configured and working, but this
> method of spamming is unchallenged due to it being
> viewed as a valid mynetworks domain.
>
> What is the best way for postfix to challenge this
> method of spam? We've already explored the
> reject_sender_login_mismatch feature, but it is too
> aggressive for our environment. Essentially, we need
> to ensure that the sender is smtp auth'ed before
> sending a message, regardless of being a valid
> mynetworks domain.
>

you can use
    reject_unauthenticated_sender_login_mismatch
which only applies to unauthenticated mail.