LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-14-2008, 01:12 PM   #1
krasl
Member
 
Registered: Nov 2005
Distribution: Fedora 4
Posts: 40

Rep: Reputation: 15
Sendmail: how to reject incoming spam spoofed from internal addresses


Hello. I am running a Fedora Core 4 server with Sendmail 8.13.6, Procmail and SpamAssassin 3.0.6.

My users have been receiving a LOT of spam which is spoofed to appear as if it comes from the user's own email address.
For example, user john@website.com receives email which appears to be FROM john@website.com.

Is there any way to configure Sendmail/Procmail to reject all mail in which the FROM line contains the address of an email account on this server?

In other words, if the FROM email address matches any of the email accounts set up on this server and the message did not originate from this server, the email should be rejected, since mail would NEVER originate from these users outside this server, and this would be a 100% foolproof spam indicator.
If possible, it should be rejected before the entire message is received, possibly at the point of the smtp "MAIL FROM:" command. Something like a User Unknown error would probably do the trick.

Is this a bad solution? Am I missing something obvious?

Even better and simpler would be this solution:
if the sender's domain name is hosted on this server and if the message did not originate from this server (ip address), reject the email.

Is this the whole point of SPF (http://openspf.org)?


Thank you!

Krasl
 
Old 03-15-2008, 05:54 AM   #2
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
Yes that is what SPF is designed for.
 
Old 03-17-2008, 10:47 AM   #3
krasl
Member
 
Registered: Nov 2005
Distribution: Fedora 4
Posts: 40

Original Poster
Rep: Reputation: 15
Anyone else

Hi. Does anyone else have any suggestions? Maybe a sendmail.cf setting?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
reject=451 sendmail spooge Linux - Networking 1 06-19-2007 11:20 PM
SPAM spoofed from my domain jantman Linux - Networking 10 02-07-2007 01:29 PM
forged - spoofed through sendmail latino Linux - Security 7 01-21-2007 06:20 PM
Apache won't accept or reject incoming internet connections but accepts on local lan zenchess Linux - Networking 3 06-10-2006 09:06 AM
Sendmail unable to send to internal addresses Nico Linux - Networking 3 09-19-2003 06:03 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 10:06 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration