LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 02-02-2009, 03:16 PM   #1
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 452

Rep: Reputation: 30
postfix - how to block forged sender e-mail addresses


Hi there,
I've managed to get rid of most of the spams using different postfix restrictions.
There are a lot of spams with the sender from one of my domains.
I'm using virtual domains.

How can I block e-mails that are coming from a remote smtp server and the sender belongs to one of the virtual domains?

Thanks
 
Old 02-02-2009, 07:13 PM   #2
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 151Reputation: 151
If you administer the DNS server that resolves your domains you could use SPF to restrict who can send using your domain.

There are situations where this won't work though so it's worth reading the docs first, although it's possible I've just done it wrong. My setup where my external DNS is at dyndns.com doesn't work for me.
 
Old 02-03-2009, 07:41 AM   #3
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 452

Original Poster
Rep: Reputation: 30
ok, but there isn't something more simple. Maybe a postfix restriction that denies e-mails from remote smtp servers if the sender belongs to a local domain?
 
Old 02-06-2009, 10:32 AM   #4
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 452

Original Poster
Rep: Reputation: 30
nobody is getting these kind of spams?
 
Old 02-06-2009, 02:06 PM   #5
auximini
Member
 
Registered: Dec 2003
Location: Calgary, AB
Distribution: Any!
Posts: 146

Rep: Reputation: 18
If you're talking about Backscatter spam (where your users are receiving bounces of spam because they are listed as the From field), there is a whole section about this on the Postfix site:

http://www.postfix.org/BACKSCATTER_README.html

I personally haven't used any of the methods yet, but this might be what you're looking for.
 
Old 02-06-2009, 02:12 PM   #6
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 151Reputation: 151
The risk with stopping remote domains sending as your domain is that mobile users who temporarily use a different SMTP server can be blocked. That's the reason for the SPF stuff, to allow specific domains to do this.

Between spam-assassin and clamav my users get almost no dodgy emails. Apart from checking the spam folders to train spam-assassin it's a low maintenance way to do it.
 
Old 02-07-2009, 03:14 AM   #7
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 452

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by gilead View Post
The risk with stopping remote domains sending as your domain is that mobile users who temporarily use a different SMTP server can be blocked. That's the reason for the SPF stuff, to allow specific domains to do this.

Between spam-assassin and clamav my users get almost no dodgy emails. Apart from checking the spam folders to train spam-assassin it's a low maintenance way to do it.
Ok, I understand that. In my particular case and on my server there are no mobile users. Every user is sending email using the same server.
I remember that I've read about a postfix restriction that blocks that kind of spams. But I can't remember and also I can't find it anymore.
 
Old 02-07-2009, 01:51 PM   #8
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 151Reputation: 151
Does the info here help at all? I did some searches for blocking domain spoofing with postfix, but since I'm not running postfix here I didn't know which would most likely be useful.
 
Old 02-08-2009, 02:19 AM   #9
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 452

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by gilead View Post
Does the info here help at all? I did some searches for blocking domain spoofing with postfix, but since I'm not running postfix here I didn't know which would most likely be useful.
thank you ! that was what I was looking for
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
POSTFIX how to block/delete mail from sender... hct224 Linux - Newbie 5 12-29-2009 10:11 PM
Split postfix sender mail traffic gabsik Linux - Server 3 07-04-2008 06:07 PM
postfix block sender ip csdhiman Linux - Server 3 08-07-2007 10:08 AM
Undelivered Mail Returned to Sender - Block Email henryvl Linux - Networking 1 02-15-2006 04:31 AM
Postfix Bounce Mail To sender when error is found heero82 Linux - Software 1 10-14-2005 03:46 PM


All times are GMT -5. The time now is 10:32 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration