uk.comp.os.linux
[Top] [All Lists]

Re: Spam / Procmail filter help

Subject: Re: Spam / Procmail filter help
From: Martin Gregorie
Date: Mon, 16 Jul 2007 18:51:03 +0100
Newsgroups: uk.comp.os.linux


Justin C wrote:
I'm getting spam which is defeating SpamAssassin, I think it's because
*@[ourdomain].com is whitelisted in /etc/local.cf. The problem
messages appear to come from me, the From and Reply-To addresses are:

Brandy Lugo <justin@[ourdomain].com>

the email address is mine, the user name is not.

I'm reluctant to remove '*@[ourdomain].com' from the local spamassassin
file, I don't want spamassassin wasting it's time scanning local
originating messages, but I would like to catch messages like the above.
As Exim hasn't managed to reject it, and spamassassin sees it as
whitelisted, I can only think of procmail to catch these. I've only used
procmail to sort legitimate mail, or send spam (already identified by
sa-exim) to /dev/null. I don't have a clue where to start with this one.

Have you set up an SPF record for your domain? If not, it might be worth doing so because Spamassassin can use it to detect forged sender domains. Doing this should avoid the need to whitelist your own domain.

http://www.openspf.org/   has the documentation, a wizard, etc.

http://www.kitterman.com/spf/validate.html   has an online checker.

IMO you need both: the wizard doesn't validate what it has generated and the validator can validate the string before you publish it and afterwards too.


--
martin@   | Martin Gregorie
gregorie. | Essex, UK
org       |

<Prev in Thread] Current Thread [Next in Thread>