procmail
[Top] [All Lists]

Re: Mail from invalid users at my local dynamic DNS

2003-04-16 22:30:48
At 18:39 2003-04-16 -0600, LuKreme wrote:

Now, syth.serveftp.net is one of my dyndns domains and I know that there is no valid user on my machine named "Bill."

The mail no doubt is being injected directly at your server - if you check the Received headers, the first one (and, if you're reading mail ON that host, the ONLY one) will be when the message was passed from some host to yours.

Spammers sometimes submit messages without a domain qualification -- YOUR OWN MAILHOST decides to tack a domain qualification onto the message to make it legit, assuming that the only valid message thus submitted would be from a local user.

there are only about 20 user accounts on this machine. I could, I suppose do a ls /Users > local.usernames and then check on that file, but this would mean manually updating the local.usernames file.

That wouldn't contend with legitimate aliases users may have (perhaps not a factor in your case, but it could be in someone elses - or yours in six months).

Have you checked the address shown in the From_ header?

Does it matter if I'm checking only LOCAL users or could i also check my actual remote mailserver?

Uh, please explain. Sounds like your email may arrive on a host and you're fetchmailing it? Where is procmail running? Where are the SMTP connections coming in?

---
 Sean B. Straw / Professional Software Engineering

 Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail