Christian Desrochers wrote:
Hi all,
We have a spam problem. We get a lot of emails, where the sender (MAIL FROM)
address is equal to the receiver (RCPT TO) address. When I look at the
"Received:" header field, the IP address of the server it's coming from, is
not our mail server.
I would like to know if there is a way to block (or tag as spam) those
emails, either with Postfix, SpamAssassin or Procmail, if they don't come
from our mail server?
Thanks,
Chris
This has been the popular topic for the past few days. You can block it
with postfix using something like this:
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_unlisted_recipient
check_sender_access hash:/etc/postfix/sender_access # Look Here
reject_non_fqdn_recipient
/etc/postfix/sender_access:
.my_domain.ext REJECT Rejection reason here
[EMAIL PROTECTED] REJECT Not authenticated
There are pitfalls to using this approach. Forwarded mail from another
server will be rejected, for example. Thus, there are cases where you
get false positives. It's up to you to make the decision of what's
acceptable and what not. You can implement it on a per-user basis as
well which is what I'm really doing. I chose to inform the users of the
change and let them opt-in after knowing the potential risks. I can't
help you with solving the problem from spamassassin or procmail.
J.P.
