On 7/17/24 18:04, Matija Nalis wrote:
I.e. would you consider it to be significantly less likely to be
spam if it contained "Dear Elizabeth," while being addressed to
"mark@domain" instead of to "elizabeth@domain" ?
I've seen quite a bit of spam that opens message bodies with:
Where is
On Wed, Jul 17, 2024 at 04:45:16PM -0400, Mark London wrote:
> Does anyone have a rule to detect "Dear xxx," in the body of the message,
> where the "To:" address is xxx@domain?
>
> We've been getting phishing email sent to us with variations of that. Hi,
> Dear, etc, followed by the username of t
Does anyone have a rule to detect "Dear xxx," in the body of the
message, where the "To:" address is xxx@domain?
We've been getting phishing email sent to us with variations of that.
Hi, Dear, etc, followed by the username of the address.
Thanks. - Mark
I am already using the no_default_msa, but the system does accept mail
both as an MTA and MSA. I am using DAEMON_OPTIONS to listen on port 465
etc, but even adding the M=C (no canonify) switch, the From: header
rewriting still occurs.
I've tested with another system using Postfix, and it does
The SMTP protocol RFCs are pretty clear, anything in angle-brackets '<' & '>'
take priority in defining an address field. So technically that's a legit local
address and sendmail is doing default MSA processing on it (IE treating it as a
bare username that needs the local hostname added).
Is
I have a spammer using a malformed From header, as follows:
From: sha...@marketcrank.com
The envelope from is: direcc...@delher.com.mx, and I've set up blocks
for that address.
Sendmail is munging the From: header to change to
, so it ends up looking like a local address to my users.
How
