Victor Duchovni wrote: > On Sat, Jan 03, 2009 at 01:32:39AM +0800, William Kisman wrote: > > >> Thank you IBBoard, that is a nice idea, I am trying to understand it. >> >> Now I understand, thank you very much. This is the first time I make use of >> my evolution mail menu to view the message headers, so the header does show >> the SMTP id as well and I can use that to grep it in postfix log. >> >> Return-path: <i...@qwestcz.cz> >> X-original-to: i...@mydomain.com >> Delivered-to: i...@mydomain.com >> Received: from conaxedition (unknown [88.229.53.253]) by >> mail.mydomain.com(Postfix) with SMTP id 2D1A31980003 for < >> i...@mydomain.com>; Thu, 1 Jan 2009 11:04:47 -0800 (PST) >> To: i...@mydomain.com >> Subject: nhmt i...@mydomain.com Thu, 1 Jan 2009 09:05:34 +0200 70%0FF fqnjw >> From: Viagra.com <i...@mydomain.com> >> Mime-version: 1.0 >> Content-type: text/html >> Message-id: <20090101190448.2d1a31980...@mail.mydomain.com> >> Date: Thu, 1 Jan 2009 11:04:47 -0800 (PST) (Fri, 03:04 MYT) >> X-evolution-source: imap://will...@mail.mydomain.com/ >> > > This message is a remote forgery received from 88.229.53.253. You must > not expect the "From:" header to be authentic. Senders (spammers, > newspapers with "send this article" links, ...) will for various > reasons use your address in email headers. This cannot be prevented. > > For the Record: grkni...@mx1 ~ $ host 253.53.229.88.zen.spamhaus.org 253.53.229.88.zen.spamhaus.org has address 127.0.0.10
A simple addition of 'reject_rbl_client zen.spamhaus.org' at the end of smtpd_recipient_restrictions would have blocked this particular message. SpamHaus is generally considered safe to use, just be sure to read and understand their usage policies at spamhaus.org Brian
