At 18:39 2003-04-16 -0600, LuKreme wrote:
Now, syth.serveftp.net is one of my dyndns domains and I know that there
is no valid user on my machine named "Bill."
The mail no doubt is being injected directly at your server - if you check
the Received headers, the first one (and, if you're reading mail ON that
host, the ONLY one) will be when the message was passed from some host to
yours.
Spammers sometimes submit messages without a domain qualification -- YOUR
OWN MAILHOST decides to tack a domain qualification onto the message to
make it legit, assuming that the only valid message thus submitted would be
from a local user.
there are only about 20 user accounts on this machine. I could, I
suppose do a ls /Users > local.usernames and then check on that file, but
this would mean manually updating the local.usernames file.
That wouldn't contend with legitimate aliases users may have (perhaps not a
factor in your case, but it could be in someone elses - or yours in six
months).
Have you checked the address shown in the From_ header?
Does it matter if I'm checking only LOCAL users or could i also check my
actual remote mailserver?
Uh, please explain. Sounds like your email may arrive on a host and you're
fetchmailing it? Where is procmail running? Where are the SMTP
connections coming in?
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail