Date: Fri, 17 Dec 2010 01:15:24 +1100 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Bruce Cran <bruce@cran.org.uk> Cc: freebsd-questions@freebsd.org, Michelle Konzack <bsd4michelle@tamay-dogan.net> Subject: Re: Spam with fake address from the list? Message-ID: <20101217000955.D83735@sola.nimnet.asn.au> In-Reply-To: <20101216120053.58A8F1065712@hub.freebsd.org> References: <20101216120053.58A8F1065712@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Re: freebsd-questions Digest, Vol 341, Issue 6, Message: 27 On Thu, 16 Dec 2010 11:44:09 +0000 Bruce Cran <bruce@cran.org.uk> wrote: > On Thu, 16 Dec 2010 12:40:35 +0100 > Michelle Konzack <bsd4michelle@tamay-dogan.net> wrote: > > > does someone get this kind of spam too? > > Yes, lots of people have been getting that for a few months. > parklogic claim there's not anything they can do about it despite it > apparently coming from their servers. If you researched the mob running parklogic, I suspect you'd tend to give any claims they may make scant credence, to say the very least. These forged messages were blocked inbound to the FreeBSD mailservers in August, but continue to be sent individually to participants harvested from messages posted to this list, and likely will continue to be. Since this is becoming a FAQ: To date all of these forged messages contain the following mail headers: > Return-Path: <anonymous@dusk.parklogic.com> > Received: from dusk.parklogic.com (allmail.0b2.net [64.38.11.26]) Having your mailserver refuse connections from IP address 64.38.11.26 or domain 0b2.net, or envelopes sent by parklogic.com, definitively solves this problem. In sendmail /etc/mail/access syntax, use any or all of: From:parklogic.com REJECT Connect:64.38.11.26 REJECT Connect:0b2.net REJECT For those without control over their inbound mailserver, try to block or filter mail based on those Return-Path: or Received: headers above, or on the Message-ID: header which has always contained 'parklogic.com': > Message-ID: <20101110202251.16589.qmail@dusk.parklogic.com> And don't forget to wash your hands after flushing :) cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101217000955.D83735>