[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Spoofed email



Nadim Shaikli a écrit :

Anyone with enough expertise to decipher the example noted in this
document,

http://www.postfix.org/FILTER_README.html

search for 'Filtering mail from outside users only' towards the end
of the page.  I'm not sure what those 1.2.3.4 and 1.2.3.5 are supposed
to denote and what are we supposed to set them to ?  The "foo:bar" didn't
make sense either.

1.2.3.4 is suppose to be your own network IP's.
It apply to a company mail server or an ISP where you check that only you customers or employees can send mail without mail filtering and people from outside will be checked, I don't think it's applicable here as we're all from outside.


I think we're looking on the wrong place with Postfix.
The spam came from Mailman.
If mailman accept it, the mail server will consider it's an inside mail.

My question is you say mailman accept all subscribed user + all @arabeyes.org.
Who is sending mail from XXX at arabeyes dot org and is not a subscribed user ?


It's certainly possible to use only subscribed users then check on Postfix that all From:XXX at arabeyes domains are coming through mailman, or make a POP before SMTP check for these user (it means force the user to read it's mail box - thus giving it's password - before sending from you mail server)

Hope it help

Regards
Armelle



I've just learned that what is noted on the URL above does apply to postfix-2.0 as well.

Anyone ?

Salam.

- Nadim