David <[EMAIL PROTECTED]> writes: > The mail was not sent by me, but by someone else, who is apparently > forging the Return-Path: header, as well as the From: header and > inserting my e-mail address in those headers.
Your MTA creates the Return-Path: field from the envelope sender provided by the sending software during the SMTP transaction. The spammer is using your email address as the envelope sender. This is not uncommon. > So when TMDA tries to send the confirmation e-mail, it gets sent to > ME. If you don't have yourself whitelisted (and you shouldn't), it will end up in the pending queue. After a while, it will be deleted. It will cause no problems and shouldn't worry you. > but just the same, I'd prefer to bounce the message at some point to > prevent my system from even accepting it. I know that that is > something that should most likely be done from qmail before TMDA > ever sees it. You can put your own email address (or your entire domain) into /var/qmail/control/badmailfrom (man qmail-smtpd). qmail-smtpd will then reject that message during the SMTP transaction. Tim _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
