[Mimedefang] Re: [OT] Advice for RFC1123 5.2.9
Jeremy Mates
jmates at sial.org
Wed Jun 25 09:55:01 EDT 2003
* Michael C. Hanson <mch at quicksilver.com>
> relay=mta156.mail.scd.yahoo.com [66.218.86.72]
> Jun 24 16:45:00 shiba sendmail[29456]: h5ONj07I029456:
> <5mf7kurq0xv at quicksilver.com>... User unknown
Those look more like bounces from other mail sites; someone could
be forging mail from your domain. Easiest way to check this is to
add a LUSER_RELAY statement to your sendmail.mc, and look at the
message contents to see if the messages are spam bounces.
define(`LUSER_RELAY', ``local:username'')
Some spammer(s) appear to be doing this for my sial.org domain when I
looked at a bounce or two, and looking at my logs at work indicates a
large number of other domains are likely being used to forge sender
information.
On the fixing-the-problem front, there have been discussions on adding a
RMX DNS record that would allow sites to specify their outgoing mail
hosts (allowing me to specify that sial.org mail can only come from
216.39.146.75, for instance), and some politicians have proposed that
spammers be somehow required not to forge the sender information.
More information about the MIMEDefang
mailing list