[NCLUG] Spam Help

Chris Funk chris at us-reports.com
Wed Dec 3 08:40:44 MST 2008


Hi All,

I am having a horrible time with spam that has a Mail From address of my users.  i.e.  the email appears to come from their own address.  In the header the From address is their own, but the return to address is something else, not in our domain.  Here is an example.

Received: from adsl-84-226-68-102.adslplus.ch (adsl-84-226-68-102.adslplus.ch
 [84.226.68.102])       by mail.us-reports.com (Postfix) with SMTP id EBF9E16C0F1
        for <chris at us-reports.com>; Wed,  3 Dec 2008 06:16:28 -0700 (MST)
To: <chris at us-reports.com>
Subject: Your Order
From: <chris at us-reports.com>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
Message-ID: <20081203131632.EBF9E16C0F1 at mail.us-reports.com>
Date: Wed, 3 Dec 2008 06:16:28 -0700
Return-Path: omga at amb.es

Here is my smtpd_sender_restrictions line from main.cf
Smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/sender_access, reject_non,fqdn_sender, reject_unknown_sender_domain

My sender_access file is:
us-reports.com  REJECT  NO SPAMMING
My.ip.add.res   REJECT  NO SPAMMING

When I telnet in and try to do a
HELO junk.com
MAIL FROM:chris at us-reports.com
RCPT TO:chris at us-reports.com

It stops me with "Sender address rejected: NO SPAMMING

Any idea how the spammers are getting around this?  I can send my entire main.cf file if that will help.

Thanks
Chris



SPECIAL NOTE TO CLIENTS
If you or your organization are a client of this firm and this electronic mail message is directed to you, please do not forward this transmission to any other party. Strict confidentiality is necessary with respect to our communication in order to maintain applicable privileges. Thank you.

CONFIDENTIALITY NOTICE
This electronic mail and any attachments contain information which is the property of the sender and which may be confidential and legally privileged. The information in this transmission is intended only for the use of the person or entity to whom the electronic mail was sent, as indicated above. If you are not the intended recipient, any disclosure, copying, distribution, dissemination or action taken in reliance on the contents of the information contained in this transmission is strictly prohibited.



More information about the NCLUG mailing list