Results 1 to 4 of 4

Thread: Spoofed sender is causing AWL problems

  1. #1
    vandehey is offline Senior Member
    Join Date
    Mar 2007
    Posts
    73
    Rep Power
    8

    Default Spoofed sender is causing AWL problems

    Hello, we are getting hit pretty hard with SPAM that have spoofed sender headers. This is causing AWL to adjust with a high negative score, which is putting this below the spam threshold.

    I see from past posts, that SPF is the 'preferred' method of dealing with this. We aren't huge fans of SPF, and don't want to implement it. Does anyone else have suggestions or things they have implemented to stop the sender forgery? Or adjustments to AWL, or SA?

    Here is what a false-negative spam score is looking like from spoofed sender:

    X-Spam-Status: No, score=2.41 tagged_above=-10 required=3.4 tests=[AWL=-6.431,
    BAYES_95=3, LONGWORDS=1.803, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033,
    RDNS_NONE=0.1]

    Thanks for the help.
    Version: 5.0.13

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Have a look at my post here :- my zimbra smtp used by someone

    You may be able to use SpoofProtection.

  3. #3
    vandehey is offline Senior Member
    Join Date
    Mar 2007
    Posts
    73
    Rep Power
    8

    Default

    Thanks for the reply. I think we are going to adjust our outward facing MTA to reject mail from our own domain, unless it's via authenticated SMTP and SSL.
    Version: 5.0.13

  4. #4
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    I have implemented it on our Zimra MTA proxy and it was fine. Only difference to my original post was that the path needed to be /opt/zimbra/postfix/conf. Next step will be to use a LDAP call so that when a new domain is added the hash file would not need to be updated.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problem with spoofed sender
    By mickier in forum Administrators
    Replies: 2
    Last Post: 02-22-2010, 04:07 AM
  2. Busted Debian installation causing problems
    By Dirk in forum Administrators
    Replies: 6
    Last Post: 12-08-2007, 07:59 AM
  3. Large message operations causing problems.
    By Sam Hunter in forum Administrators
    Replies: 6
    Last Post: 01-31-2006, 05:28 PM
  4. Is this causing some problems maybe?
    By agnOstos in forum Users
    Replies: 5
    Last Post: 11-05-2005, 02:26 PM
  5. Migration Client causing Outlook Problems
    By jonfehringer in forum Administrators
    Replies: 4
    Last Post: 10-04-2005, 10:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •