Spam sent to me from my own mail server ?
Chris Pratt
eagletree at hughes.net
Wed Aug 27 19:06:43 UTC 2008
> Peter Ulrich Kruppa wrote:
>> Hello,
>> for some time now I keep receiving spam mails from my own (small)
>> mail server, some of them with faked usernames some of them even
>> with my own (ulrich at ...).
>
>
Matthew's message beat me to the response but I had typed
one. There are some great tools for this and many are in
ports. SPF and these do work. Here is what has been sitting in
my drafts, it may have some additional value.
...
I don't worry much about what I receive that is forged because
I'm reasonably sure that I didn't send it nor were my servers
leveraged. I monitor heavily. On the other hand,
I do make certain that others aren't receiving spam thinking
it's from my domains. SPF helps with this, information is
available on www.openspf.org. This doesn't stop forgery,
but it does give a tool to the receiver to verify what email
is actually from your domain and email server. It's
implemented very easily in your DNS entries. SPF is you telling
the world that you authorize your domain to send email only
from a specific set of servers (or a specific server). After you
implement SPF, after a few weeks, they will generally
stop using your domain because it's too frequently rejected
by receivers. It becomes less in their interest to forge your
domain so they go pick on someone else.
If you DO want to stop people using your domain in sending to
YOU, there are several tools to use in conjunction with sendmail
to do this. I use MailScanner which is available within ports.
If there are no relays involved in how you receive mail, this
works because SpamAssassin (automatically installed with
MailScanner) will see if the email you are receiving matched SPF.
Yours and everyone elses. There are good docs on the net for
using FreeBSD, sendmail, and MailScanner and it's dependencies.
If you can't find them, try this:
http://bio.fsu.edu/~sysalex/freebsd-mail-server.htm
If you are going to run a mail server, it's good to
have spam and virus defenses installed.
There are more direct methods of actually rejecting forged
emails within sendmail. You will find a list of these on the
SPF site under "implementations". These tools may or may not
be in ports. You will have to check on that. They make use of
the milter interface within sendmail.
The spf mail list is extremely helpful and professional if you have
questions on this. You can join this list on their site. I'm not
pushing their site or this draft standard, it's that SPF has
worked pretty well for what it does and it's open method of
dealing with the problems.
More information about the freebsd-questions
mailing list