Re: Backscatting filter?

From: Blake Hudson (blakeispn.net)
Date: Wed May 07 2008 - 12:39:28 CDT


-------- Original Message --------
Subject: Re: Backscatting filter?
From: Ralf Hildebrandt <Ralf.Hildebrandtcharite.de>
To: postfix-userspostfix.org
Date: Wednesday, May 07, 2008 3:06:52 AM
> * Geert Batsleer <batsleergmail.com>:
>
>> Hi,
>>
>> over the last couple of days I seem to get more and more spam which
>> looks like a bounced email with subjects like "MAILER DAEMON ... " and
>> other variations, where the emails are bounced from mostly Russian
>> servers and where my email address has been spoofed so that I receive
>> the bounced mail instead of the original sender.
>>
>> Any idea how I can fix this with header_checks or procmail?
>>
>
> I use in header_checks and body_checks:
>
> /^Received: from .*by nomail\.charite\.de/ REJECT Fake nomail.charite.de Received: Header found
>
> if /^Received: from .*by mail(-ausfall)?\.charite\.de/
> !/ \(Postfix\) with /i REJECT Fake charite.de Received: Header found, this is a bounce for a mail our system did not send!
> endif
>
> This makes sure that a bounce which contains a fake
> mail/mail-ausfall.charite.de Received: header will be rejected.
>
>

It seems a waste to subject all messages to these filters. Is there a
way to apply these regexp header_checks/body_checks only to messages
from a null sender, as is the case with the second recommendation?

-----------------------
/etc/postfix/main.cf:
    smtpd_sender_restrictions =
        ...
        check_sender_access hash:/etc/postfix/maps/sender_access
        ...

/etc/postfix/maps/sender_access:
    ...
    <> reject_rbl_client ips.backscatterer.org
-----------------------

-Blake
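
Added example, not part of the original messages and not a Postfix configuration: a standalone Python emulation of the quoted header_checks/body_checks rule, evaluated only for the null sender `<>` as asked above. The function names and the sample headers are constructed for illustration.

```python
import re

# Postfix regexp tables are case-insensitive by default and a trailing "i"
# toggles that off; a folded header is matched as one logical header, so
# re.S lets ".*" span the fold.
FAKE_NOMAIL = re.compile(r"^Received: from .*by nomail\.charite\.de", re.I | re.S)
OUR_RELAY = re.compile(r"^Received: from .*by mail(-ausfall)?\.charite\.de", re.I | re.S)
POSTFIX_STAMP = re.compile(r" \(Postfix\) with ")  # written with /i: case-sensitive

REJECT_NOMAIL = "REJECT Fake nomail.charite.de Received: Header found"
REJECT_RELAY = ("REJECT Fake charite.de Received: Header found, "
                "this is a bounce for a mail our system did not send!")

def check_line(line):
    """Return the REJECT action for a forged Received: line, else None."""
    if FAKE_NOMAIL.search(line):
        return REJECT_NOMAIL
    # if/endif: the negated pattern is only tried when the outer one matches
    if OUR_RELAY.search(line) and not POSTFIX_STAMP.search(line):
        return REJECT_RELAY
    return None

def unfold(raw_headers):
    """Join folded continuation lines into logical headers."""
    logical = []
    for line in raw_headers.split("\n"):
        if line[:1] in (" ", "\t") and logical:
            logical[-1] += "\n" + line
        elif line:
            logical.append(line)
    return logical

def filter_message(envelope_sender, raw_headers, body):
    """Run the checks only when the envelope sender is the null sender."""
    if envelope_sender != "<>":
        return None
    # headers are checked per logical header, the body one line at a time
    for line in unfold(raw_headers) + body.split("\n"):
        verdict = check_line(line)
        if verdict:
            return verdict
    return None

# Constructed samples: bounce headers, a forged relay line, a genuine one.
HDRS = "From: MAILER-DAEMON@example.net\nSubject: Undelivered Mail"
FORGED = "Received: from pc1 (unknown [192.0.2.7]) by mail.charite.de with SMTP id 1A2B"
GENUINE = "Received: from pc1 (pc1 [192.0.2.7]) by mail.charite.de (Postfix) with ESMTP id 1A2B"
```

Because body lines are checked one at a time, a quoted Received: header that is folded across several body lines is not matched by this rule in the body.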