Fake domains - revisiting..

James Fagan jfagan at firstlightnetworks.com
Wed Mar 7 20:56:22 CET 2007

> Subject: Fake domains - revisiting..
> Hello
> We use Mailscanner on our schools firewall.
> We have the not uncommon issue with mail entering with fake domain
> that is,
> mail pretending to come from our domain. (How on earth they glean the
> email names to
> use is mind boggling to me?)
> I've read a few historic threads RE: this, but I'm after the current
> recommended
> procedure to deal with this issue.
> Running CentOS 3.3/sendmail-8.12.11-4
> I've added our domain name to sendmails access database
> (From:OurDomain.name.com), but
> suspect this may be a crude option to take - although it seems to
> Advice, Feedback appreciated...
> Cheers!
> Dave


You may want to look into a couple options. For starters if not already,
impliment zen from spamhaus http://www.spamhaus.org/zen/index.lasso , I
believe they have educational pricing if you have enough traffic. That
seems to catch a LOT garbage regardless of the domain name used on the

Also, look at smf-sav http://smfs.sourceforge.net/smf-sav.html sender
address verification.

Another is to use SPF records, you set them up with your DNS then use a
milter, smf-spf http://smfs.sourceforge.net/smf-spf.html this will match
the domain with the IP from where the connection is made and check if it
is the same one(s) listed in your DNS records. This seemed a bit much to
manage actualy in my experience, but will definatly work. 

Good Luck,


More information about the MailScanner mailing list