Date: Wed, 27 Aug 2008 12:06:24 -0700 From: Chris Pratt <eagletree@hughes.net> To: FreeBSD-Questions <freebsd-questions@freebsd.org> Cc: Peter Ulrich Kruppa <ulrich@pukruppa.net> Subject: Re: Spam sent to me from my own mail server ? Message-ID: <C04EE367-106F-420A-B9F5-04C9FB2507C8@hughes.net> In-Reply-To: <48B57570.9040707@ibctech.ca> References: <48B566EA.2000406@pukruppa.net> <48B57570.9040707@ibctech.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
> Peter Ulrich Kruppa wrote: >> Hello, >> for some time now I keep receiving spam mails from my own (small) >> mail server, some of them with faked usernames some of them even >> with my own (ulrich@...). > > Matthew's message beat me to the response but I had typed one. There are some great tools for this and many are in ports. SPF and these do work. Here is what has been sitting in my drafts, it may have some additional value. ... I don't worry much about what I receive that is forged because I'm reasonably sure that I didn't send it nor were my servers leveraged. I monitor heavily. On the other hand, I do make certain that others aren't receiving spam thinking it's from my domains. SPF helps with this, information is available on www.openspf.org. This doesn't stop forgery, but it does give a tool to the receiver to verify what email is actually from your domain and email server. It's implemented very easily in your DNS entries. SPF is you telling the world that you authorize your domain to send email only from a specific set of servers (or a specific server). After you implement SPF, after a few weeks, they will generally stop using your domain because it's too frequently rejected by receivers. It becomes less in their interest to forge your domain so they go pick on someone else. If you DO want to stop people using your domain in sending to YOU, there are several tools to use in conjunction with sendmail to do this. I use MailScanner which is available within ports. If there are no relays involved in how you receive mail, this works because SpamAssassin (automatically installed with MailScanner) will see if the email you are receiving matched SPF. Yours and everyone elses. There are good docs on the net for using FreeBSD, sendmail, and MailScanner and it's dependencies. If you can't find them, try this: http://bio.fsu.edu/~sysalex/freebsd-mail-server.htm If you are going to run a mail server, it's good to have spam and virus defenses installed. There are more direct methods of actually rejecting forged emails within sendmail. You will find a list of these on the SPF site under "implementations". These tools may or may not be in ports. You will have to check on that. They make use of the milter interface within sendmail. The spf mail list is extremely helpful and professional if you have questions on this. You can join this list on their site. I'm not pushing their site or this draft standard, it's that SPF has worked pretty well for what it does and it's open method of dealing with the problems.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C04EE367-106F-420A-B9F5-04C9FB2507C8>