[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ezmlm
Subject:    Re: Help with qmail editing to reject envelope forgeries
From:       Rick van der Zwet <rick () wzoeterwoude ! net>
Date:       2007-01-17 12:55:29
Message-ID: 45AE1CC1.60806 () wzoeterwoude ! net
[Download RAW message or body]

Hi Dan,

On 1/17/07 3:12 AM, Dan O'Neill wrote:
> Hi,
> 
> |/var/qmail/bin/bouncesaying '5813 rejected' /var/qmail/bin/except
> /bin/sh -c 'echo "$SENDER" | /bin/grep -Eq "@yourdomain.com$"'
> 
Do mind this is very dangerous, cause when someone is sending an email 
with a different encoding, grep will get confused.
> However, now the spammers are forging the SENDER id.  How could I add 
> something to staff/editors to check the envelope "From " header, and if 
> not from our domain, reject them?
> 
-Using your old solution (shell)
|/var/qmail/bin/bouncesaying '5813 rejected' /var/qmail/bin/except
head -1 | grep -qE '^From .*@yourdomain.com.*'

-Use the '-u' flag, this will only allow members to post.
http://www.ezmlm.org/man/man1/ezmlm-make.1.html

-Put a spamfilter like spammasassin between your MTA and ezmlm and 
reject the message when the flag 'X-Spam-Status: *****' (or something 
like that), or pipe it though spamc and base your actions on the result 
of spamc.

I properly would stick with solution (2 &) 3

/Rick
-- 
http://rickvanderzwet.nl
[prev in list] [next in list] [prev in thread] [next in thread]