On Aug 21, 2006, at 5:29 PM, Cary Pembleton wrote:
Chris,Check and make sure your mail server is not set for "open mail relay" Thiscould definitely cause you the problem your describing. Respectfully, Cary Pembleton IT Consultant PC Tech Help, LLC 32 Cove Lane Campbellsville, KY 42718 (270) 789-0187 Office http://www.pctechhelp.net -----Original Message----- From: Chris Davies [mailto:davichri@cd-tech.biz] Sent: Monday, August 21, 2006 4:35 PM To: debian-isp@lists.debian.org Subject: Email question Hi all, My setup is Sarge w/Exim 4, Spamassassin, Clamav, Dovecot POP/IMAP.My Exim setup is working fine, and not much spam makes it through it, and the SA does a very good job at marking the spam, but lately I've been having problems with spam bounced from another mail server with my accounts email forged in the from and reply-to, So my question is how would I block orfilter it out. Thanx Chris
You completely misunderstood his problem. People are setting the From and Reply-To fields of spam to his address and then sending it to servers that are bouncing the message, complete with content. (Which in today's world is bad form. If your server bounces messages intact today, you're a prime candidate to be used for such things.)
It's becoming harder and harder to filter spam and eventually is a losing battle over the long-term. It's not getting any better even with the wasted hundreds of man-hours a day fighting it. Now we have whole commercial entities who's whole purpose in the world is to build and sell "spam filtering" boxes.
We're focusing on the wrong problem, so this won't ever be a real solution. We are focusing on filters and blocking at the receiving end instead of re-designing e-mail to be fully authenticated and tracked end-to-end through a trusted (but publicly available) standard for authentication and optional encryption.
Until people admit that an unauthenticated, unidentified, unencrypted core system on today's Internet is retarded, and start looking at the real root-cause of the problem, nothing will change. Actually it'll continue to get worse until some large organization finally says "enough" and comes up with a way for people to authenticate/sign messages to them, and they stop accepting unsigned, unauthenticated, and unidentified mail.
-- Nate Duehr nate@natetech.com