Prev: postfix nodup daemon configuration
Next: Strange lack of SMTP rejections
From: Abdullah Habib on 28 Sep 2009 00:53
Hello All,

First of all, I have no experience with Postfix. We didn't like it
back in the days of tcpwrappers, probably since it was in its infancy,
and stuck with now abandonware/sell-your-car-to-be-able-to-buy-1yr-
support-contractware sendmail.

So my question is theoretical:

What is the procedure to reject spoofed emails where sender and
receipient is the same?

Spammers spoof our email addresses to send SPAM to us. I like to block
these all since they are with 100% accuracy SPAM.

I am not interested in semantics of why doing this would be wrong in
case some bozo tries to CC himself or what not. In case you are
interested, here are the figures from an archive run yesterday,
rounded off for easy reading:

Duration: 10 years

60K legitimate mails received

450,000K REJECTED connections (access.db / tcpwrappers, we have
scripts parsing maillog every 5 mins and adding troublesome sites to
tcpwrappers for a week and persistent ones to iptables)

37,000K SPAM (14,000K of which is same sender-recipient)

Now important part is... Our users are educated, security is good,
never been an open relay, never been a part of security breach.

Thank you!

M

 | 
Pages: 1
Prev: postfix nodup daemon configuration
Next: Strange lack of SMTP rejections