[NCLUG] Spam Help

Neil Neely neil at neely.cx
Wed Dec 3 09:10:24 MST 2008 

I'm assuming the 'reject_non,fqdn_sender' is a typo, but I'm not  
immediately seeing any reason for this problem - can you run "postconf  
| grep restrict" and send it to the list?  It seems possible you've  
got another restriction set that's authorizing them to get through  
regardless of the sender check.  Possibly something where you are  
returning "OK" from a check instead of "DUNNO".


Neil Neely
http://neil-neely.blogspot.com




On Dec 3, 2008, at 8:40 AM, Chris Funk wrote:

> Hi All,
>
> I am having a horrible time with spam that has a Mail From address  
> of my users.  i.e.  the email appears to come from their own  
> address.  In the header the From address is their own, but the  
> return to address is something else, not in our domain.  Here is an  
> example.
>
> Received: from adsl-84-226-68-102.adslplus.ch  
> (adsl-84-226-68-102.adslplus.ch
> [84.226.68.102])       by mail.us-reports.com (Postfix) with SMTP id  
> EBF9E16C0F1
>        for <chris at us-reports.com>; Wed,  3 Dec 2008 06:16:28 -0700  
> (MST)
> To: <chris at us-reports.com>
> Subject: Your Order
> From: <chris at us-reports.com>
> MIME-Version: 1.0
> Importance: High
> Content-Type: text/html
> Message-ID: <20081203131632.EBF9E16C0F1 at mail.us-reports.com>
> Date: Wed, 3 Dec 2008 06:16:28 -0700
> Return-Path: omga at amb.es
>
> Here is my smtpd_sender_restrictions line from main.cf
> Smtpd_sender_restrictions = permit_mynetworks,  
> permit_sasl_authenticated, check_sender_access hash:/etc/postfix/ 
> sender_access, reject_non,fqdn_sender, reject_unknown_sender_domain
>
> My sender_access file is:
> us-reports.com  REJECT  NO SPAMMING
> My.ip.add.res   REJECT  NO SPAMMING
>
> When I telnet in and try to do a
> HELO junk.com
> MAIL FROM:chris at us-reports.com
> RCPT TO:chris at us-reports.com
>
> It stops me with "Sender address rejected: NO SPAMMING
>
> Any idea how the spammers are getting around this?  I can send my  
> entire main.cf file if that will help.
>
> Thanks
> Chris
>
>
>
> SPECIAL NOTE TO CLIENTS
> If you or your organization are a client of this firm and this  
> electronic mail message is directed to you, please do not forward  
> this transmission to any other party. Strict confidentiality is  
> necessary with respect to our communication in order to maintain  
> applicable privileges. Thank you.
>
> CONFIDENTIALITY NOTICE
> This electronic mail and any attachments contain information which  
> is the property of the sender and which may be confidential and  
> legally privileged. The information in this transmission is intended  
> only for the use of the person or entity to whom the electronic mail  
> was sent, as indicated above. If you are not the intended recipient,  
> any disclosure, copying, distribution, dissemination or action taken  
> in reliance on the contents of the information contained in this  
> transmission is strictly prohibited.
> _______________________________________________
> NCLUG mailing list       NCLUG at nclug.org
>
> To unsubscribe, subscribe, or modify
> your settings, go to:
> http://www.nclug.org/mailman/listinfo/nclug

More information about the NCLUG mailing list