Add logging info for untrusted sender
Price,Neil
NPrice at gibb.co.za
Thu Nov 27 12:02:28 CET 2008
On 27 November 2008 12:36 PM Loïc Elineau wrote
> Since a few days, we experience new kind of spam: somes use one of our
address
> to send spam to the same address.
> For example: spammers pretend being "contact at ourdomain.org" to send spams
to
> "contact at ourdomain.org".
> The result is, that the spam is effectively sent to
"contact at ourdomain.org"
> even if the sender is prefixed with "UNTRUSTED"
>
> Is there a way to block untrusted sender if they pretend being from a
domain
> at the kolab server? Another solution should be to add logging info to
> portfix.log (and thus eject them thew fail2log). But how to
> achieve this?
I don't use this within Kolab as I use a Postfix relay server but on that
server I have
In main.cf:
smtpd_recipient_restrictions = (lots of stuff),
permit_mynetworks,
check_sender_access
hash:/etc/postfix/sender_checks,
(lots of stuff incl rbl checks)
And in /etc/postfix/sender_checks I have
# disallow any incoming supposedly from one of our peebles
arcus.co.za 550 Illegal sender domain part
arcusgibb.co.za 550 Illegal sender domain part
gibb.co.za 550 Illegal sender domain part
Where these are my domains. Since my Kolab server is on a trusted network,
this rule does get applied to outgoing email. It blocks anyone attempting to
fake my domains.
I'm sure this could easily be adapted to a situation where the Kolab server
is not using a relay server.
More information about the users
mailing list