I realize this question is probably best served by the sendmail mailing list,
but whereas I've added the Spam Assassin filter, I'm hoping to find a larger
community here that is running FreeBSD + sendmail + SpamAssassin who
have handled this, so I don't have to ask the question in 3 places :)
The issue I seem to be having is that messages are coming in, forged from my
domain, but sent to a valid user within my domain (e.g. from [EMAIL PROTECTED]
to
[EMAIL PROTECTED]) containing a virus attachment.
I had assumed that sendmail would be smart enough to look at the fqdn portion,
and see that the sender is not in fact from that domain at all (a quick
reverse/forward DNS lookup of the inbound socket should prove this), and trash
this.
Is there an easy way to shut this down? An example mail log entry (for
reference)...
Jun 14 09:16:47 spoon sm-mta[26398]: j5EDGgha026398: from=<[EMAIL PROTECTED]>,
size=79449, class=0, nrcpts=1, msgid=<[EMAIL PROTECTED]>, proto=ESMTP,
daemon=IPv4, relay=255-115.users.forrester.com [63.76.255.115] (may be forged)
Jun 14 09:16:47 spoon spamd[697]: connection from localhost.beta.com
[127.0.0.1] at port 64931
Jun 14 09:16:47 spoon spamd[697]: info: setuid to root succeeded
Jun 14 09:16:47 spoon spamd[697]: Still running as root: user not specified
with -u, not found, or set to root. Fall back to nobody.
Jun 14 09:16:47 spoon spamd[697]: processing message (unknown) for root:65534.
Jun 14 09:16:49 spoon spamd[697]: clean message (-0.0/5.0) for root:65534 in
2.2 seconds, 80647 bytes.
Jun 14 09:16:49 spoon spamd[697]: result: . 0 -
ALL_TRUSTED,HTML_10_20,HTML_MESSAGE,MIME_HTML_ONLY,MISSING_MIMEOLE,NO_REAL_NAME,PRIORITY_NO_NAME
scantime=2.2,size=80647,mid=(unknown),autolearn=failed
Jun 14 09:16:49 spoon sm-mta[26398]: j5EDGgha026398: Milter add: header:
X-Spam-Status: No, score=-0.0 required=5.0
tests=ALL_TRUSTED,HTML_10_20,\n\tHTML_MESSAGE,MIME_HTML_ONLY,MISSING_MIMEOLE,NO_REAL_NAME,\n\tPRIORITY_NO_NAME
autolearn=failed version=3.0.2
Jun 14 09:16:49 spoon sm-mta[26398]: j5EDGgha026398: Milter add: header:
X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on spoon.beta.com
Jun 14 09:16:49 spoon sm-mta[26402]: j5EDGgha026398: to=<[EMAIL PROTECTED]>,
delay=00:00:07, xdelay=00:00:00, mailer=local, pri=110031, relay=local,
dsn=2.0.0, stat=Sent
-Brian
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
