bharathan kailath a écrit :
> i get spam mails that pretend to be from yahoo (eg.from yahoo.it
> <http://yahoo.it>, yahoo.nl <http://yahoo.nl>) on my postfix relay; how
> can i prevent such kind of foregeries
when asking for help about fighting spam, it is a good idea to show what
you are already doing to block spam.
you could reject such mail if it doesn't come from a *.yahoo.com host.
smtpd_recipient_restrictions =
...
reject_unauth_destination
...
check_client_access cidr:/var/db/dnswl/postfix-dnswl-permit
...
check_client_acess hash:/etc/postfix/client_whitelist
check_sender_access hash:/etc/postfix/forged_sender
== postfix-dnswl-permit
rsync this from dnswl.org
== client_whitelist
yahoo.com OK
.yahoo.com OK
yahoo.nl OK
.yahoo.nl OK
...
== forged_sender
yahoo.com REJECT forged sender
yahoo.nl REJECT forged sender
...
but this is problematic:
- the client_whitelist must include all domains that may be used in
hostnames of yahoo outbound relays. DNSWL helps here, but nothing
prevents yahoo from adding new relays...
- this relies on DNS, so will delay mail from yahoo if there are any DNS
problems. (again, DNSWL helps here)
if you see IPs of legitimate yahoo servers not listed in DNSWL, please
submit them.
