Eamil from invalid users in own domains???

Eric Sandquist esandquist at IHMS.NET
Wed Jun 9 19:39:43 IST 2004 

Sorry 'bout the 'bug'...

We already do pop-before-smtp for authentication...

The problem is these spammers spoofing email from our domain to our
domain...  ie. from a non-existant user in our domain to a real user in our
domain.  They actually relay from somewhere else... because From:
ourdomain.com is whitelisted, the mail from this ficticious user gets mark
as such and goes through...    There ought to be a way to check this from
against the internal user list when the email is labeled as from the local
domain.

Eric

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
Behalf Of Alex Neuman
Sent: Wednesday, June 09, 2004 1:10 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Eamil from invalid users in own domains???


How about requiring SMTP authentication? That would impede inexistant users
from using you to relay.

Oh, and how about not using web bugs in your e-mail? ;-)

________________________________

From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf
Of Eric Sandquist
Sent: Wednesday, June 09, 2004 12:55 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Eamil from invalid users in own domains???


Is there a rule or how would we  or can we create a rule that will B/L email
addy's from invalid users on the domains which are being hosted?

We currently whitelist our domain, but would like to workaround for unknown
users...

Currently using Postfix, and this may be a postfix or procmail issue...

Latest SpamAssassin 3.00000, latest MailScanner, etc...
________________________________


Eric Sandquist
Systems Engineer
ICQ#: 10274846

________________________________



-------------------------- MailScanner list ----------------------
To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/     and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html

-------------------------- MailScanner list ----------------------
To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/     and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html

More information about the MailScanner mailing list