J.P. Trosclair wrote:
I have been working on a similar if not the exact same problem from what I've seen in this thread. The problem being from = to address and how to stop spam that does this. My idea for a solution to this problem was to require any mail claiming to be from a local account to authenticate first when arriving from outside of the network and heading to a local mailbox. As it has already been pointed out, there are cases where you have false positives; in fact, I found one yesterday with a user's BlackBerry setup shortly after I set it up. I'm thinking that utilizing check_client_access before check_sender_access under smtpd_recipient_restrictions and adding exceptions for these few cases is a sound solution. It's obviously not perfect because of the administration overhead of having to watch for these special circumstances. I have yet to test this. Any thoughts on this approach?


Very likely there are other, better ways to combat this spam. Look for other traits you can use to reject it.

Some things to look for:
- client listed on some RBL
- client name that looks dynamic
- using your domain or IP as HELO
- unusual headers
- body text unlikely to be found in legit mail

If that doesn't help, consider adding SpamAssassin and/or ClamAV.

--
Noel Jones
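
An added Postfix sketch of the two ideas in this thread (the exception-before-sender check and rejecting on client, HELO and RBL traits); it is not configuration posted by either participant. The domain example.com, the addresses, the map file names, the dynamic-name pattern and the choice of zen.spamhaus.org are assumptions to replace with your own.

```conf
# /etc/postfix/main.cf (fragment, added example)
smtpd_helo_required = yes

# Order matters: the first OK/REJECT result ends evaluation.
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    check_helo_access hash:/etc/postfix/helo_access,
    check_client_access pcre:/etc/postfix/dynamic_clients.pcre,
    reject_rbl_client zen.spamhaus.org,
    check_client_access hash:/etc/postfix/client_exceptions,
    check_sender_access hash:/etc/postfix/local_senders

# --- /etc/postfix/helo_access ---------------------------------------
# Outside clients that greet with our own name or IP are lying.
# example.com            REJECT HELO uses our domain
# mail.example.com       REJECT HELO uses our hostname
# 192.0.2.25             REJECT HELO uses our IP address

# --- /etc/postfix/dynamic_clients.pcre ------------------------------
# Constructed pattern for dynamic-looking reverse DNS names; tune it
# against your own logs before rejecting on it.
# /(^|[.-])(dhcp|dsl|dialup|dynamic|ppp)[.-]/  REJECT dynamic-looking client name

# --- /etc/postfix/client_exceptions ---------------------------------
# Known relays that legitimately send with a local sender address
# without authenticating (the false-positive case). OK skips only the
# sender check below, because the trait checks have already run.
# 198.51.100.7           OK

# --- /etc/postfix/local_senders -------------------------------------
# Unauthenticated outside mail claiming a local sender is refused.
# example.com            REJECT Authenticate to send as a local address

# After editing the hash: maps, rebuild them and reload:
#   postmap /etc/postfix/helo_access
#   postmap /etc/postfix/client_exceptions
#   postmap /etc/postfix/local_senders
#   postfix reload
```

Prefixing a restriction with warn_if_reject logs what it would have rejected without refusing the mail, which helps find further exceptions before enforcing.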
