Date: Tue, 14 Jun 2005 09:27:33 -0400 From: "Brian J. McGovern" <mcgovern@beta.com> To: questions@freebsd.org Subject: Sendmail relaying from remote domains? Message-ID: <200506141327.j5EDRXj2026483@spoon.beta.com>
next in thread | raw e-mail | index | archive | help
I realize this question is probably best served by the sendmail mailing list, but whereas I've added the Spam Assassin filter, I'm hoping to find a larger community here that is running FreeBSD + sendmail + SpamAssassin who have handled this, so I don't have to ask the question in 3 places :) The issue I seem to be having is that messages are coming in, forged from my domain, but sent to a valid user within my domain (e.g. from admin@fqdn.com to joeuser@fqdn.com) containing a virus attachment. I had assumed that sendmail would be smart enough to look at the fqdn portion, and see that the sender is not in fact from that domain at all (a quick reverse/forward DNS lookup of the inbound socket should prove this), and trash this. Is there an easy way to shut this down? An example mail log entry (for reference)... Jun 14 09:16:47 spoon sm-mta[26398]: j5EDGgha026398: from=<admin@spoon.beta.com>, size=79449, class=0, nrcpts=1, msgid=<200506141316.j5EDGgha026398@spoon.beta.com>, proto=ESMTP, daemon=IPv4, relay=255-115.users.forrester.com [63.76.255.115] (may be forged) Jun 14 09:16:47 spoon spamd[697]: connection from localhost.beta.com [127.0.0.1] at port 64931 Jun 14 09:16:47 spoon spamd[697]: info: setuid to root succeeded Jun 14 09:16:47 spoon spamd[697]: Still running as root: user not specified with -u, not found, or set to root. Fall back to nobody. Jun 14 09:16:47 spoon spamd[697]: processing message (unknown) for root:65534. Jun 14 09:16:49 spoon spamd[697]: clean message (-0.0/5.0) for root:65534 in 2.2 seconds, 80647 bytes. Jun 14 09:16:49 spoon spamd[697]: result: . 0 - ALL_TRUSTED,HTML_10_20,HTML_MESSAGE,MIME_HTML_ONLY,MISSING_MIMEOLE,NO_REAL_NAME,PRIORITY_NO_NAME scantime=2.2,size=80647,mid=(unknown),autolearn=failed Jun 14 09:16:49 spoon sm-mta[26398]: j5EDGgha026398: Milter add: header: X-Spam-Status: No, score=-0.0 required=5.0 tests=ALL_TRUSTED,HTML_10_20,\n\tHTML_MESSAGE,MIME_HTML_ONLY,MISSING_MIMEOLE,NO_REAL_NAME,\n\tPRIORITY_NO_NAME autolearn=failed version=3.0.2 Jun 14 09:16:49 spoon sm-mta[26398]: j5EDGgha026398: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on spoon.beta.com Jun 14 09:16:49 spoon sm-mta[26402]: j5EDGgha026398: to=<mcgovern@spoon.beta.com>, delay=00:00:07, xdelay=00:00:00, mailer=local, pri=110031, relay=local, dsn=2.0.0, stat=Sent -Brian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200506141327.j5EDRXj2026483>