On 06/01/2010 11:47, lstep wrote:
I get spams that have an 'Envelope-From' (Sender, or equivalent attribute)
different from the 'From' header contained in the mail. The spam sets the
'From' in the header to an (existing) internal user.
If the spammer would have set the Envelope-From to an internal user as well,
he would have been blocked, not by Spamassassin, but by the MTA (Postfix),
where I set the list of IP allowed to send mail as an internal user.
Is there something implemented in Spamassassin to test and prevent mails
that come from 'outside' that have the header 'From' set to an internal
user?
That would break a lot of list mail. Look at the From header compared to
the envelope sender on this email for example. I *think* you could
achieve what you're looking for by using DKIM and *requiring* that mail
from your domain is signed.
--
Mike Cardwell : UK based IT Consultant, LAMP developer, Linux admin
Cardwell IT Ltd. : UK Company - http://cardwellit.com/ #06920226
Technical Blog : Tech Blog - https://secure.grepular.com/blog/
Spamalyser : Spam Tool - http://spamalyser.com/
