How to block forged From: in DATA section?

2012-05-31 Thread Patrick Lists
Hi,

My Postfix setup works quite well blocking most spam. But I sometimes
get spam with (to my untrained eye) valid MAIL from: and RCPT to: email
addresses but in the DATA section there is a forged From:
m...@mydomain.com. At least that's how it works when I use telnet to
port 25 on my Postfix box.

I tried the example header_checks [1] from the BACKSCATTER_README which
work fine except that they also block my own email. What is the proper
way to block forged From: addresses in the DATA section?

Thanks for any pointers or which FMTR.

Regards,
Patrick

/etc/postfix/header_checks:
    /^(From|Return-Path):.*\b(user@domain\.tld)\b/
        reject forged sender address in $1: header: $2


Re: How to block forged From: in DATA section?

2012-05-31 Thread Reindl Harald


On 01.06.2012 02:07, Patrick Lists wrote:
> My Postfix setup works quite well blocking most spam. But I sometimes
> get spam with (to my untrained eye) valid MAIL from: and RCPT to: email
> addresses but in the DATA section there is a forged From:
> m...@mydomain.com. At least that's how it works when I use telnet to
> port 25 on my Postfix box.
>
> I tried the example header_checks [1] from the BACKSCATTER_README which
> work fine except that they also block my own email. What is the proper
> way to block forged From: addresses in the DATA section?

there is no proper way

simply because it is legitimate that From: is not the same as
the envelope sender - if you are trying to block such mails
you would block many regular mails!






Re: How to block forged From: in DATA section?

2012-05-31 Thread Patrick Lists
Hi Reindl,

On 01-06-12 02:10, Reindl Harald wrote:
>> I tried the example header_checks [1] from the BACKSCATTER_README which
>> work fine except that they also block my own email. What is the proper
>> way to block forged From: addresses in the DATA section?
>
> there is no proper way
>
> simply because it is legitimate that From: is not the same as
> the envelope sender - if you are trying to block such mails
> you would block many regular mails!

Thank you for making that clear.

Regards,
Patrick
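
Added example (not written by either poster, and not Postfix code): a small Python simulation of the two behaviours discussed in this thread, namely that the quoted header_checks rule sees only header lines and so rejects the owner's own mail along with the forgery, and that comparing From: with the envelope sender would also flag ordinary mailing-list mail. The addresses and messages are constructed samples, and Python's `re` module stands in for the Postfix regexp table as an assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# The rule quoted in the thread, with its placeholder address.
# Postfix regexp/pcre tables match case-insensitively by default.
RULE = re.compile(r"^(From|Return-Path):.*\b(user@domain\.tld)\b", re.IGNORECASE)

# Constructed samples: (label, envelope MAIL FROM, raw message).
SAMPLES = [
    ("own outgoing mail", "user@domain.tld",
     "From: User <user@domain.tld>\nTo: friend@example.org\n"
     "Subject: hi\n\nbody\n"),
    ("spam with forged From:", "bounce@spammer.example",
     "From: user@domain.tld\nTo: user@domain.tld\n"
     "Subject: offer\n\nbody\n"),
    ("mailing-list post", "list-bounces@lists.example.org",
     "From: Friend <friend@example.org>\nTo: list@lists.example.org\n"
     "Subject: Re: x\n\nbody\n"),
]

def header_check_rejects(raw):
    """True if any header line matches RULE. Like header_checks, this looks
    at header lines only, never at the envelope or the sending client."""
    headers = raw.split("\n\n", 1)[0]
    return any(RULE.search(line) for line in headers.split("\n"))

def envelope_differs(envelope_from, raw):
    """True if the header From: address differs from the envelope sender."""
    _, addr = parseaddr(message_from_string(raw)["From"])
    return addr.lower() != envelope_from.lower()

def evaluate():
    """Map each sample label to (rejected by rule, From: != envelope)."""
    return {label: (header_check_rejects(raw), envelope_differs(env, raw))
            for label, env, raw in SAMPLES}

if __name__ == "__main__":
    for label, (rejected, differs) in evaluate().items():
        print(f"{label:24} rule rejects={rejected!s:5} From!=envelope={differs}")
```
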