Ronald MacDonald wrote:
It's been a hectic couple of weeks, and I'm getting complaints from
users after having upgraded to a new system that mails are coming in
which have been spoofed. I see exactly what's going on - a rogue
system opens up port 25 on my system, tells it the mail's from one of
the users on the system, and then sends the mail to the same user,
completely bypassing my content-filter (amavis) as it's not checked
against the sender or recipient restrictions, somehow.
However, in one of those "crap, what do I do now" moments, I'm
confuzzled as to how to get Postfix to realise that the mail *should*
be checked, since it's coming in from outside the network.
Any ideas as to what might be the best way to fix this?
Thank you for the postconf -n output. Please also provide logs of such
email bypassing your content filter. We can't help you trace the email
and find the configuration error without them.
