Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Nicolas Michel (nicolas.michellemail.be)
Date: Mon Aug 09 2010 - 12:58:28 CDT
On 08/09/2010 06:34 PM, Stan Hoeppner wrote:
> Nicolas Michel put forth on 8/9/2010 9:29 AM:
>> For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my
>> domain (we'll call it mydomain.be) and claims that the sender is
> Example of forging, typical of spammers:
> X-Original-To: XXXXXXXX
> Delivered-To: XXXXXXXX
> Received: from [220.127.116.11] (unknown [18.104.22.168])
> by XXXXXXXX (Postfix) with ESMTP id A1ABC6C35B
> for<XXXXXXXX>; Mon, 9 Aug 2010 07:52:49 -0500 (CDT)
> Received: from [22.214.171.124] by mx1.mail.eu.yahoo.com; Mon, 9 Aug 2010
> 18:22:49 +0530
> From: "DUSTY MORRISON"<DUSTYMORRISONyahoo.dk>
> Note that both the display name and return path are different addresses, but
> both claim to be from Yahoo Germany infrastructure. Note that the sending MTA
> is within the network of BSNL Internet in New Delhi India.
> This is probably very similar to what you're seeing, and what we're all
> seeing. 99%+ of all spam is forged, sometimes, as in this case, at multiple
> levels. This spammer even went as far as inserting a fake transaction in the
> header to make it look like the email went through yahoo.dk servers at one
> point, when in fact it did not.
> Unfortunately the SMTP protocol does not really allow us to discern forged
> email. If it did, spam would never have become the scourge of the internet
> that it has.
> There is no magic bullet to kill spam. It would probably be beneficial if you
> shared your main.cf of 'postconf -n' output with us. We can then suggest
> additional configuration settings that will help reject spam.
> Do you use Spamassassin or another email content filter?
I'm using mailscanner which works well and postfix is configured to
reject the maximum of bad mails :
I'm searching to improve our mail system and SPF seems to be a good way
to do it. However if you have some suggestions I'll thank you ;)
By the way, I read how to implement SPF checks with
postfix-policyd-spf-perl. But in the howto they __reject__ mails and I
do prefer to manage SPF with mailscanner with scores. Someone already
I also seen that there is spf-milter-python
=> which one is better? The implementation in perl or the one in python?