Spoofing

[datadan]

Is there a way to configure sendmail to not allow spoofing from internal addresses? (I realized that I will not be able to stop, nor perhaps should not stop external emails that are spoofed).

Part of the problem for us with this latest virus is our virus scanner cannot properly identify the sender so it sends notification about infected files to someone other than the real sender.

Thoughts?

 

[dbase77]

Hi,

Instead of notifying sender, delete mail that contains virus.

You can also use access control list to block mail. example:

cyberspammer.com 550 We don't accept mail from spammers
FREE.STEALTH.MAILER@ 550 We don't accept mail from spammers
another.source.of.spam REJECT
okay.cyberspammer.com OK
128.32 RELAY

dbase77

 

[datadan]

dbase77,

Thank you for the suggestion. I am agressive with my access lists.

However, I do want to notify the sender that they have a virus. More importantly, when I, as the administrator, am cc'd about such an event I want to know which computer is the offending computer.

If the virus spoofs an email address I do not know which computer was infected to begin with.

I thought sendmail had some anti-spoofing commands.

 

[dbase77]

Hi,

have you try google or sendmail.org website? When you said "computer", are you referring computer within your network or outside world?

dbase77

 

[bierhunter]

I've set up mailscanner

http://www.mailscanner.info

and spamassassin

http://www.spamassassin.org

to work with my sendmail. Almost all of the problems went away.

If you haven't tried them, you may want to give them a shot.

There's also a webmin plugin for mailscanner that is really helpful.