Prev: How to get Windows to send FQDN when connecting to a relay
Next: "The IP you're using to send mail is not authorized" --depending on user
From: Jeroen Geilman on 26 Apr 2010 13:13
On Monday 26 April 2010 18:49:42 The Doctor wrote:
> Tracing and tracking.
>
> Question is:
>
> If you suspect your web (whether www,http,httpd user )

....of what ?
If you mean you suspect a local user of your web server of sending out spam,
implement proper local sender restrictions by measures such as limiting which
system users can use sendmail submission.

> how can you do a header check and pin where the source of
> spam is coming from?

Header checks will rarely, if ever, tell you where spam comes from.

>
> All I need is a check that will send to local users - go ahead

permit_auth_destination

> and if to a massive amount of users

It's generally a good idea to limit the number of recipients anyway.

> WITHOUT a local user REJECT as spam.

How do you mean, "without" ?

>
> Where can I put this?
>

I'm entirely unclear what you're trying to prevent here.

See http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt for a good introduction
to postfix anti-spam measures.


J.

From: Wietse Venema on 26 Apr 2010 13:27
The Doctor:
> Tracing and tracking.
>
> Question is:
>
> If you suspect your web (whether www,http,httpd user )
> how can you do a header check and pin where the source of
> spam is coming from?

You look in the WEB SERVER LOGFILE, and find the web request that
exploits your server.

Wietse

 | 
Pages: 1
Prev: How to get Windows to send FQDN when connecting to a relay
Next: "The IP you're using to send mail is not authorized" --depending on user