Bouncing to spoofed domain name

Fri Apr 13 00:22:17 IST 2007

I use sendmail and it will REJECT (not bounce, bouncing to anything 
spoofed is bad) Domains that don't really exist. If you want to REJECT 
on a spoofed eMail address then you should use sender address 
verification. The one I use is smf-sav. It works very well. (I use 
sendmail)

<rant>
I absolutely hate eMail providers that accept eMail THEN check to see 
if the sender exists and bounces it back to the spoofed "From:" 
address if not. This should be done during the SMTP phase and REJECT 
so only the spoofing sender is bothered. Most of these servers wind up 
on my blacklist wind up on my blacklist.
</rant>

On Thu, 12 Apr 2007 14:41:18 +0100
  Gareth <list-mailscanner at linguaphone.com> wrote:
>You can get Postfix to verify that the sender address exists. It does
>this by connecting to the mail server for the domain and checks to 
>see
>if the server accepts the senders email address. For more information
>see http://www.postfix.org/ADDRESS_VERIFICATION_README.html
>
>The downside of this is that your mail server pauses while it checks 
>the
>address so if it takes a while the sender may time out. This is rare
>though as most timeouts are quite long. All check results are cached.
>
>I use this myself but on the destination address so Postfix rejects 
>mail
>to users who dont exist at our domains.
>
>On Thu, 2007-04-12 at 14:33, John Rowan wrote:
>> Is there any way to configure MailScanner to bounce mail to the 
>>abuse
>> contact of an IP Netblock rather than what happened below. 
>> The sender was falsified and MailScanner sent it to the non existent
>> person at watermaster.org.  Watermaster.org rejected the bounce
>> since ktf doesn't exist.  I'm dealing with the same problem on 
>>several
>> servers where garbage is being sent out saying it is from domains
>> I support and then it's bounced to me but my /etc/mail/virtusertable
>> is similarly configured to that mail to non existent users is not
>> accepted.
>> 
>> In the example below the mail came from 219.134.77.247 which is in
>> China
>> 
>> inetnum:      219.128.0.0 - 219.137.255.255
>> netname:      CHINANET-GD
>> descr:        CHINANET Guangdong province network
>> descr:        Data Communication Division
>> descr:        China Telecom
>> country:      CN
>> I would want to bounce to the correct: abuse at gddc.com.cn
>> 
>> -------- Original Message -------- 
>>                           Subject: 
>> Bad Filename Detected
>>                              Date: 
>> Thu, 12 Apr 2007 04:20:57 -0400
>>                              From: 
>> MailScanner
>> <postmaster at corvette.deleted.com>
>>                                To: 
>> postmaster at corvette.deleted.com
>> 
>> The following e-mails were found to have: Bad Filename Detected
>> 
>>     Sender: ktf at watermaster.org
>> IP Address: 219.134.77.247
>>  Recipient: username at deleted.com
>>    Subject: I Love You Because
>>  MessageID: l3C8KHHg013901
>>     Report: MailScanner: Executable DOS/Windows programs are 
>>dangerous in email (greeting card.exe)
>
>-- 
>MailScanner mailing list
>mailscanner at lists.mailscanner.info
>http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>Before posting, read http://wiki.mailscanner.info/posting
>
>Support MailScanner development - buy the book off the website! 

--------------------------------------------------
Dennis Willson

taz at taz-mania.com
http://www.taz-mania.com

Ham (Extra Class w/code): KA6LSW
GMRS : WQGF680
Scuba: Rescue Diver, EANx, Wreck, Night, Alt, 
Equip, UW Photographer, Gas Blender

Life should not be a journey to the grave with the intention of 
arriving safely in a nice looking and well preserved body, but rather 
to skid in broadside, thoroughly used up, totally worn out, and loudly 
proclaiming, "WOW! WHAT A RIDE!"