RE: [SLE] sendmail and fake MAIL FROM:

Without knowing anything about the sendmail options you are presently using, I can only suggest: we have found the relay_based_on_MX feature a valuable one. It works as long as your administrator controls all of the MX records in your domain, because spammers don't send their trash that can be traced back to their own domains! By all means stay clear of the relay_local_from feature because it would allow spammers to write whatever they please in the from header, including of course your local domain name. Maybe that will steer you in a useful direction!

I searched in internet (sdb, faq ...) to solve the following little problem but could not locate any answer.

We would like to disallow on our mailservers anybody (spammer?) to fake the sender as

MAIL FROM: user@ourdomain.com

unless the connection comes from the list of domains that we allow relaying (via access.db). One way is to require SMTP AUTH mechanism but this seems to be too demanding for mail clients and is quite unnecessary as we relay just a few trusted domains and also our own users are considered to be trusted.

I would prefer a sendmail solution if possible. ^^^^^^^^

In short how make it impossible to have a mail header like:

...

From someuser@our-domain.com Received: from foreign-domain.com by mailserver.our-domain.com for To: user@ourdomain.com

This is quite a typical spam pattern!

Any solution, hints?

Thanks in advance, Kaupo Palo

-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com

-- George Walsh, Managing Director, CruiseRoutes Division, DSC Directional Services Corp Courtenay, British Columbia, Canada __________________________________________________________________ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/