On Fri, 2009-12-11 at 11:57 +0000, Dave Cross wrote: > 2009/12/10 kevin <kevin@xxxxxxxxxxxxxx>: > > Please if anyone knows how to stop this with postfix and amavisd-new please > > let me know !!! > > > > I am clueless how someone outside $mynetworks was able to do it. > > As others have said, it's just a spammer spoofing your email address. > > See http://en.wikipedia.org/wiki/Joe_Job > > You might also look at http://en.wikipedia.org/wiki/Sender_Policy_Framework For Postfix in particular, try: http://www.postfix.org/ADDRESS_VERIFICATION_README.html Turning on sender verification is dangerous, in that you WILL get false positives due to things like misconfigured clients. You would need to add something that caused it to only try sender verification for addresses within your own domain. That will help, but it wouldn't take the spammers long to figure out some addresses within your domain that are valid and would get past this check. What is really needed to absolutely put a stop to this sort of thing is two SMTP servers. One is used by your users who authenticate first and then have a relatively filter-free server after that. The other can then implement more strict access restrictions such as blocking anything that claims to come from your own domain that is coming in from something not in $mynetworks. But this forum is a bit too general for detailed Postfix tutorials. You will be better off asking on the Postfix list and checking the Postfix web site where the real Postfix experts live. Proper spam filtering is hard to get right. --Greg -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
