Last night, someone somewhere attempted to send one of my users an email with
the W32/Fix trojan attached. Thanks to Jason's Scan4Virus script, it was picked
up and nixed at my mail gateway. Excellant (spoken with a Mr. Burns'esque
inflection) ... the hounds have been released.
However, The envelop sender was [EMAIL PROTECTED] rmc.ca is my domain, and of
course admin__ does not exist. Should this have been rejected? How can I tell
qmail to say that mail from rmc.ca should be from inside our network? I think I
am thinking about this the wrong way. I know qmail is supposed to verify the
sender domain, but is there some way I could prevetn this type of thing from
getting in? Had there been no virus, had it been just plain old spam, it would
have made it through because the domain, rmc.ca, is legit, but the sender was
not.
--
______________________________________________________
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
Gang Warily|http://signals.rmc.ca/
Kingston Linux Users Group|http://signals.rmc.ca/klug/
