On Wed, 4 Apr 2007, Dean Clapper wrote: > A couple of emails are getting through that are being marked as > not spam but is clearly spam. The problem is the spammers put in > the from line our domain. However, the return path is something > totally different. > > Is there a good way to handle these messages that get through?
Are you by any chance using "whitelist_from"? If so, stop using it. As you're seeing, that is trivially easy to bypass through header forgery. Read the config documentation for "whitelist_from_rcvd", it is much more robust. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Windows Genuine Advantage (WGA) means that now you use your computer at the sufferance of Microsoft Corporation. They can kill it remotely without your consent at any time for any reason. ----------------------------------------------------------------------- 9 days until Thomas Jefferson's 264th Birthday
