Bouncing to spoofed domain name
John Rowan
rowan at rownetco.com
Thu Apr 12 14:33:05 IST 2007
Is there any way to configure MailScanner to bounce mail to the abuse
contact of an IP Netblock rather than what happened below.
The sender was falsified and MailScanner sent it to the non existent
person at watermaster.org. Watermaster.org rejected the bounce
since ktf doesn't exist. I'm dealing with the same problem on several
servers where garbage is being sent out saying it is from domains
I support and then it's bounced to me but my /etc/mail/virtusertable is
similarly configured to that mail to non existent users is not accepted.
In the example below the mail came from 219.134.77.247 which is in China
inetnum: 219.128.0.0 - 219.137.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
I would want to bounce to the correct: abuse at gddc.com.cn
-------- Original Message --------
Subject: Bad Filename Detected
Date: Thu, 12 Apr 2007 04:20:57 -0400
From: MailScanner <postmaster at corvette.deleted.com>
To: postmaster at corvette.deleted.com
The following e-mails were found to have: Bad Filename Detected
Sender: ktf at watermaster.org
IP Address: 219.134.77.247
Recipient: username at deleted.com
Subject: I Love You Because
MessageID: l3C8KHHg013901
Report: MailScanner: Executable DOS/Windows programs are dangerous in email (greeting card.exe)
--
MailScanner
Email Virus Scanner
www.mailscanner.info
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070412/fae9af87/attachment.html
More information about the MailScanner
mailing list