[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Spoofed email
- To: "Administrative (website/upkeep) Discussions" <admin at arabeyes dot org>
- Subject: Re: Spoofed email
- From: Nadim Shaikli <shaikli at yahoo dot com>
- Date: Fri, 7 May 2004 00:03:53 -0700 (PDT)
--- Armelle Nedelec <arn at scs-net dot org> wrote:
> I'm not an expert in Postfix, but I would like to know one or two things :
>
> 1 - Kind of spams :
> - Did the spam about microsoft came to all General List subscriver ?
> I don't remember receive it
It went to the 'cvs' mailing-list (follow the link that was outlined
earlier - the header is also noted in munzir's post).
> - The spam about Nadim came really to all.
The problem is not in its replication as much as it is in it getting
past our defenses. In other words, how do we protect ourselves before
such messages land or reach mailman.
Again for the record - the microsoft spam thingie is more of a concern
to me.
> 2 - Are those spam in the mailing list archive ?
They should all be there, yes.
> 3 - Are those spam in Postfix Logs ? can we have the extract of the log.
The log is minimal and it all stems from have different 'envelope' and
header From fields and different applications checking on different
things (postfix uses the envelope while mailman uses the header).
> 4 - What your version of Postfix and Mailman ? Did you installed latest
> patch ?
Don't know about patches (I don't think this is a bug - I think its a
setting that needs tweaking). Mailman-2.1.3-2 and postfix-2.0.16-4
(debian of course).
I fail to see why its so hard to simply check the envelope sender against
the From header field - seems like a simple thing to do, I just can't
figure how to tweak postfix into doing it at the right place (so internal
emails going out are not affected).
Salam.
- Nadim
__________________________________
Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs
http://hotjobs.sweepstakes.yahoo.com/careermakeover