On 02 Oct 2006, at 14:10 , Steve A wrote:
Professional Software Engineering wrote:
If they're valid email addresses at your domain, this is referred to
as "joe-jobbing". Otherwise, it's simple forgery.
They're valid addresses at my domain because I accept them because I
haven't yet compiled a list of all the addresses I've used for myself
(eg. procmail(_at_)mydomain(_dot_)tld). They're random (often rude) words
used to
make the user part of the address.
So you have a wildcard on your domain to accept any *(_at_)yourdomain(_dot_)tld?
This is why you don't do that.
Setup your mailserver to ONLY accept mail for real and valid
accounts. You can do most of this in /etc/postfix/virtual (or
whatever) like this:
amazon(_at_)mydomain(_dot_)tld myemail+amazon(_at_)mydomain(_dot_)tld
procmail(_at_)mydomain(_dot_)tld myemail+procmail(_at_)mydomain(_dot_)tld
etc.
You don't have to use plus addressing, of course, but it can make
this super convenient.
Then setup your mailserver to rejevet unknown recipients.
You should never accept wildcard usernames, it's just an invitation
to be DOSed with Spam.
I don't have control at SMTP level, only what procmail can do for me.
Then move your domain to a better ISP. If you can't reject mail for
unknown accounts then you're going ot be totally, completely, and
most importantly, repeatedly fucked.
Yup, that's my problem. I'm getting on average 2,500+ per day,
most of
which I can filter but I'm looking to tweak procmail so I can easily
edit the sender list file if I need to add another sender string.
What you need to do for now is a positive match. Create a file with
all your valid email addresses and then match against that. If it
doesn't match, drop the email. That means matching on the To: field.
if you want to match on the From, here is how I do it do it. This is
based on Sean's WHITELIST from code-snippet (search archives for
ISLISTED for best results to see the original thread, iirc).
:0 h
CLEANFROM=|formail -IReply-To: -rtzxTo:
WHITELIST=$HOME/.valid-emails
# matches only on complete line matches.
# bob(_at_)domain(_dot_)tld does not match for billybob(_at_)domain(_dot_)tld
ISLISTED=`grep -i "^$CLEANFROM$" $WHITELIST`
# If matched, ISLISTED should contain the email address
# our email claims to come from
:0
* ! ^^ISLISTED^^
DELETE
# Saves in DELETE. If tested and works, comment that and
# direct to /dev/null
# /dev/null
In the course of writing this email I've solved the problem, so here's
the result. If anyone can think of something I've missed, or need to
watch out for, please chip in.
:0
* ^From:[ \t]*\/.*
* $? echo \"$MATCH\" | grep -i -f $LIST
testbox
Sean's CLEANFROM is better as it always results in a bare email address
What does yours do with:
From: "Mail Daemon" <postmaster(_at_)somedomain(_dot_)tld>
??
--
One by one the bulbs burned out, like long lives come to their
expected ends.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail