Spam from (forged) whitelist domain
Julian Field
mailscanner at ecs.soton.ac.uk
Mon Dec 22 09:10:53 GMT 2003
At 22:47 21/12/2003, you wrote:
>Does the whitelist check look at the sending client IP, or the sending
>server IP? (Assuming the my users only send from my server, and only
>authenticated users are allowed to send from there.)
It looks at the IP address at the other end of the SMTP connection to the
MailScanner server.
>Thanks.
>
>
>Julian Field wrote:
>
>>Exactly what I was about to suggest. You can use pretty much any of the
>>standard/common ways of expressing IP ranges and network subnets.
>>
>>At 22:51 19/12/2003, you wrote:
>>
>>>Just a thought, and I'm not sure this is correct, but perhaps you can
>>>whitelist your domain by IP instead of by name.
>>>
>>>-Eric Rz.
>>>
>>>On Fri, Dec 19, 2003 at 02:35:39PM -0800, Andy Alsup wrote:
>>> > I see a nontirvial volume of Spam that gets through to users using
>>> > forged headers with my domain as the from. These are typically to:
>>> > user at mydomain from: user at mydomain
>>> >
>>> > My domain is whitelisted, so when a forged header comes along, I
>>>get a
>>> > spam score that would have dealt with the spam, but it is whitelisted,
>>> > so delivered anyway.
>>> >
>>> > Is there a way to deal with this?
>>> >
>>> > Thanks.
>>
>>
>>--
>>Julian Field
>>www.MailScanner.info
>>Professional Support Services at www.MailScanner.biz
>>MailScanner thanks transtec Computers for their support
>>PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
More information about the MailScanner
mailing list