I have qmail mailserver (Virtual Users & Domain). I have taken most of the anti-spam measures like spam assasin,qsheff(built-in ani-spam regex) scanner and clam av.
I'm also using RBLSMTPD (spamhaus SBL rules)
exec softlimit -m 40000000 \
envdir /etc/relay-ctrl relay-ctrl-chdir \
tcpserver -v -H -R -l $HOSTNAME -x /etc/tcp.smtp.cdb \
-c200 -u5002 -g5000 0 smtp rblsmtpd \
-b -r relays.ordb.org rblsmtpd -r sbl.spamhaus.org \
fixcrio relay-ctrl-check qmail-smtpd 2>&1 \
| setuidgid qmaill \
multilog t n100 s1000000 /var/qmail/logs/smtp & \
I haven't compiled qmail-smtpd with SMTP AUTH patch due to compilation problem. so it's an SMTP after POP authentication (relay-control). This is a part of my tcprules.
Note: 192.168.1.2 is the Private IP of my mailserver.
I have certain users accessing mailserver from internet(dynamic IP) so thats why u see the last rule ":allow".
I get several spam emails quarantined and the from field contains non exsistent users and the recipient field contains both exsistent and non-exsistent users.. For eg.
I checked the qmail.org site and there is a patch called check user but i cannot mess my live qmail setup by recompiling it.
Is there any way i can stop this without requiring any recompilation ?