On 2011-07-13 17:51:40 (+0200), Geert Mak <po...@verysmall.org> wrote: > > On 13.07.2011, at 17:07, Victor Duchovni wrote: > > > On Wed, Jul 13, 2011 at 04:57:02PM +0200, Geert Mak wrote: > > > >> is it possible to reject/redirect on postfix level (to a spam catcher > >> account we monitor) - > >> > >> - all mail sent to undisclosed recipients > > > > Why not focus on spam, rather than weakly correlated factors. It is probably > > best to deploy a decent spam filter. > > We have Spamassassin. > > But I thought that this is a simple enough case to be handled directly on > Postfix level before even entering Spamassassin. > > >> - all mail sent with "our" addresses in From: but not originating from > >> us (or mail server is in-house, one server with one IP) > > > > This would be a mistake. For example, you'd never see your own posts to > > this list. > > Oh... I see. > > > This said, you may find that filtering the envelope sender (rather than > > the From: header) is reasonably effective. The main collateral damage is > > "forward an article" newspaper sites, ... which send email with envelope > > address set to the visitor's alleged address. > > I see, this seems not an easy one.
It isn't that hard to set up actually using restriction stages. 1. Make sure your own outbound traffic is allowed out 2. Everything that reaches this step is coming from outside (inbound) and should not have your domain(s) in their envelope. You can implement these steps with check_sender_access and check_client_access The newspaper sites mentioned above are, in my opinion, doing the wrong thing by spoofing their envelopes. > > Thank you! > > Geert
