[Mimedefang] COMMANDS file including invalid e-mail addresses
james.madill at duke.edu
james.madill at duke.edu
Mon May 16 17:29:00 EDT 2005
A recent bout of spam illuminated an issue that I would like to eliminate.
The SMTP gateways I run MIMEDefang on both relay messages to internal hosts as well as act as local hosts for the institutional e-mail address format. An anti-spam package ahead of these SMTP gateways tags each incoming message with a 'spam score' if this score is higher than either the defaults or the recipient's personal settings, the message is quarantined, shunted to a seperate server for viewing or releasing, and eventual automatic deletion.
The spammer sent out massive amounts of mail to bogus accounts @ our institutional address domain. The result was that despite sendmail indicating to the sending host that an e-mail address was invalid, that address was included as a recipient in the MIMEDefang COMMANDS file. Once there, the message was acted on as if the address was a valid one and mail would be quarantined for a non-existant user.
I haven't yet been able to track down whether it is MIMEDefang including the these invalid addresses, or sendmail passing them on to the milter as if they were indeed valid.
Does anyone know what I might be able to do to eliminate these invalid addresses from appearing in the COMMANDS file?
-- James
o o o o o o o . . . _______________________ ________=======_T___
o _____ |James Madill | |Duke U. Health Sys|
>.][__n_n_| D[ ====|____ |james.madill at duke.edu| | (919) 668-2411 |
(________|__|_[____/____]_|_____________________|_|__________________|
_/oo O-O-O ` oo oo 'o^o^o o^o^o` 'o^o o^o`
-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
<http://www.duke.edu/~madil001/>
More information about the MIMEDefang
mailing list