Fake domains - revisiting..
James Fagan
jfagan at firstlightnetworks.com
Wed Mar 7 20:56:22 CET 2007
> Subject: Fake domains - revisiting..
>
> Hello
>
> We use Mailscanner on our schools firewall.
>
> We have the not uncommon issue with mail entering with fake domain
names,
> that is,
> mail pretending to come from our domain. (How on earth they glean the
> email names to
> use is mind boggling to me?)
>
>
> I've read a few historic threads RE: this, but I'm after the current
> recommended
> procedure to deal with this issue.
>
> Running CentOS 3.3/sendmail-8.12.11-4
>
> I've added our domain name to sendmails access database
> (From:OurDomain.name.com), but
> suspect this may be a crude option to take - although it seems to
work?
>
> Advice, Feedback appreciated...
>
> Cheers!
> Dave
Dave,
You may want to look into a couple options. For starters if not already,
impliment zen from spamhaus http://www.spamhaus.org/zen/index.lasso , I
believe they have educational pricing if you have enough traffic. That
seems to catch a LOT garbage regardless of the domain name used on the
envelope.
Also, look at smf-sav http://smfs.sourceforge.net/smf-sav.html sender
address verification.
Another is to use SPF records, you set them up with your DNS then use a
milter, smf-spf http://smfs.sourceforge.net/smf-spf.html this will match
the domain with the IP from where the connection is made and check if it
is the same one(s) listed in your DNS records. This seemed a bit much to
manage actualy in my experience, but will definatly work.
Good Luck,
James
More information about the MailScanner
mailing list