From owner-freebsd-questions@FreeBSD.ORG  Wed Aug 27 15:56:54 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4B096106564A
	for <freebsd-questions@freebsd.org>;
	Wed, 27 Aug 2008 15:56:54 +0000 (UTC) (envelope-from ws@au.dyndns.ws)
Received: from ipmail05.adl2.internode.on.net (ipmail05.adl2.internode.on.net
	[203.16.214.145])
	by mx1.freebsd.org (Postfix) with ESMTP id C9ECE8FC1F
	for <freebsd-questions@freebsd.org>;
	Wed, 27 Aug 2008 15:56:53 +0000 (UTC) (envelope-from ws@au.dyndns.ws)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ah0BAKMWtUiWZWdv/2dsb2JhbAAIuWKBaA
X-IronPort-AV: E=Sophos;i="4.32,279,1217773800"; d="scan'208";a="191672276"
Received: from ppp103-111.static.internode.on.net (HELO [192.168.1.157])
	([150.101.103.111])
	by ipmail05.adl2.internode.on.net with ESMTP; 28 Aug 2008 01:26:36 +0930
From: Wayne Sierke <ws@au.dyndns.ws>
To: Steve Bertrand <steve@ibctech.ca>
In-Reply-To: <48B57570.9040707@ibctech.ca>
References: <48B566EA.2000406@pukruppa.net>  <48B57570.9040707@ibctech.ca>
Content-Type: text/plain
Date: Thu, 28 Aug 2008 01:26:34 +0930
Message-Id: <1219852594.49053.249.camel@predator-ii.buffyverse>
Mime-Version: 1.0
X-Mailer: Evolution 2.22.2 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
Cc: Peter Ulrich Kruppa <ulrich@pukruppa.net>,
	FreeBSD-Questions <freebsd-questions@freebsd.org>
Subject: Re: Spam sent to me from my own mail server ?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Aug 2008 15:56:54 -0000

On Wed, 2008-08-27 at 11:40 -0400, Steve Bertrand wrote:
> Peter Ulrich Kruppa wrote:
> > Hello,
> > 
> > for some time now I keep receiving spam mails from my own (small) mail 
> > server, some of them with faked usernames some of them even with my own 
> > (ulrich@...).
> 
> How have you identified that they are actually being delivered by your 
> server itself?
> 
> It is my experience that this is likely not the case, and it is only 
> your addresses that are being forged.
> 
Additionally, I see sendmail add the local domain to the From field of
incoming messages where the domain is missing. I've seen this on
numerous spam messages and even the occasional legitimate email. It's
been on my to-do list to look into this and modify it. Had me scratching
my head for a while the first time I saw it.


Wayne