Quoting DTNX Postmaster <postmas...@dtnx.net>:

On 08 Aug 2014, at 14:53, Andre Luiz Paiz <andre.p...@iqm.unicamp.br> wrote:

I was trying to use check_sender_access as suggested here in the forum to avoid this type of spam. But it is not working. check_sender_access works more like a blacklist and the spammers are ready for that.

It is not working because you are confusing the envelope from with the 'From:' header. The 'check_sender_access' restriction works for the envelope only, not on the headers, and the headers are basically untrustworthy and easily forged.

In my check_sender_access I registered webmas...@iqm.unicamp.br as REJECT. So in my case this from is the envelope, correct? Are you saying that I should register www-d...@109.red-81-45-22.staticip.rima-tde.net in check_sender_access?


Notice that the message was sent from from=www-d...@109.red-81-45-22.staticip.rima-tde.net to=webmas...@iqm.unicamp.br

[snip]

Inside the message, the FROM contains webmaster@mydomain...
Is there a way to create rules like check_sender_access but based on the header inside the mail message instead of the server connection? I cannot block messages with SPF, because here we have a lot of false positives.

SPF does not work because, like 'check_sender_access', it does only work on the envelope, not the headers. For basic header checks, you can use 'header_checks';

http://www.postfix.org/header_checks.5.html

I suspect that what you really need is better blacklisting, though. There's generally no need to accept anything from generic hostnames such as '109.red-81-45-22.staticip.rima-tde.net', for example.

Are you running postscreen? Using blacklists?

I use Spamassassin and PolicyD (Cluebringer). Does the access control in PolicyD check the header or the envelope? Don't know about postscreen. Can you please give an example of how it should work?



Mvg,
Joni



Thanks
Andre
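
The envelope/header distinction discussed in this thread, as an added example that is not part of the original messages: a sender table keyed on the local address never fires because it only sees the envelope sender, while a check that also parses the 'From:' header can flag the mismatch. The domains, addresses, message and function names are constructed placeholders, and the table lookup is a simplification of what Postfix does.

```python
from email import message_from_string
from email.utils import getaddresses

LOCAL_DOMAINS = {"example.org"}              # constructed stand-in for "mydomain"
ENVELOPE_FROM = "www-data@host.example.net"  # constructed MAIL FROM value
SAMPLE = (                                   # constructed message
    "From: Webmaster <webmaster@example.org>\n"
    "To: webmaster@example.org\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

def domain_of(address):
    """Lower-cased domain part of a bare address, or '' if there is none."""
    return address.rpartition("@")[2].lower() if "@" in address else ""

def envelope_table_hit(envelope_from, table):
    """Simplified sender-table lookup: it is given the envelope address only.
    Assumption: matches on full address or bare domain; the real Postfix
    lookup tries more patterns."""
    sender = envelope_from.strip("<>").lower()
    return sender in table or domain_of(sender) in table

def classify(envelope_from, raw_message, local_domains=LOCAL_DOMAINS):
    """Compare the envelope sender with the 'From:' header of one message."""
    msg = message_from_string(raw_message)
    from_headers = msg.get_all("From", [])
    if not from_headers:
        return "no-from-header"
    if len(from_headers) > 1:
        # Duplicate From: headers are ambiguous; different software may
        # display different ones.
        return "multiple-from-headers"
    header_domains = {domain_of(addr) for _, addr in getaddresses(from_headers)}
    envelope_domain = domain_of(envelope_from.strip("<>"))
    if header_domains & local_domains and envelope_domain not in local_domains:
        return "local-header-foreign-envelope"
    return "ok"

if __name__ == "__main__":
    # The REJECT entry for the local address never sees the header value.
    print(envelope_table_hit(ENVELOPE_FROM, {"webmaster@example.org"}))
    print(classify(ENVELOPE_FROM, SAMPLE))
```

A mismatch between the two is a signal to score or review, not proof of forgery: mailing lists and forwarders legitimately produce it as well.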
