[Mimedefang] trouble with filter_sender and faked mail from mydomain to my domain
Scott Harris
mimedefang at webhounds.net
Wed Aug 16 11:53:09 EDT 2006
>
> Actually, the filter does not correspond to your description.
> You reject hosts, that use a HELO argument that ends in your
> domain, but
> are not one of the listed hosts. So this filter_sender() let pass
> the mail correctly.
> No sender check is made.
>
> BTW: The terms From: and To: usually apply to the headers of
> the mail, in
> filter_sender() you can check the envelope MAIL FROM: only.
Thanks for the reply Steffan and Jim. It seems I had a skewed
understanding of the logic ;)
Indeed, I went through the logs and checked and sure enough,
all the HELO's were not to my domain. In one example they
tried to fake the email my using my mail servers IP address,
so that got through as well, as expected.
Aug 15 04:39:28 mail2 mimedefang.pl[1865]: Scooter:
sender-><administrator at mydomain.com>, host->68.146.230.167,
hostname->S01060050bfafe5cc.cg.shawcable.net,
helo->S01060050bfafe5cc.cg.shawcable.net
Aug 15 12:47:56 mail2 mimedefang.pl[9795]: Scooter:
sender-><administrator at mydomain.com>, host->211.224.178.23,
hostname->[211.224.178.23], helo->64.44.55.179
So where should I filter the problem of the sender using my
domain as both the To: and the From:? The mimedefang or the
sendmail side?
Thanks again everyone.
Scott
More information about the MIMEDefang
mailing list