I have a little problem. Some spammer is sending email to me from my address.
here is mail headers:
From - Fri Aug 20 08:06:15 2010
X-Account-Key: account7
X-UIDL: 1201266183.2446
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <[email protected]>
Received: from mnl-latvia.lv ([unix socket])
by localhost (Cyrus v2.2.13-Debian-2.2.13-10) with LMTPA;
Fri, 20 Aug 2010 07:17:26 +0300
X-Sieve: CMU Sieve 2.2
X-Greylist: delayed 328 seconds by postgrey-1.27 at mnl-bck; Fri, 20 Aug 2010 07:17:20 EEST
Received: from 59.93.217.133 (unknown [59.93.217.133])
by mnl-latvia.lv (ESMTP daemon) with ESMTP id 0F8572E6970
for <[email protected]>; Fri, 20 Aug 2010 07:17:19 +0300 (EEST)
Received: (qmail 2323 by uid 603); Fri, 20 Aug 2010 08:11:00 +0400
Message-Id: <[email protected]>
From: [email protected]
To: [email protected]
Subject: [email protected] VIAGRA X Official Seller -77%
MIME-Version: 1.0
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Date: Fri, 20 Aug 2010 07:17:19 +0300 (EEST)
X-mnl-latvia.lv-MailScanner: Found to be clean
X-mnl-latvia.lv-MailScanner-From: [email protected]
X-mnl-latvia.lv-MailScanner-To: [email protected]
Mail server is running on postfix, spamassasin. In spamassasin is defined that all messages who is going from latvian adreeses are whitelisted.
spamassasin spam.whitelist.rules
From: *@*.lv yes
main.cf
smtpd_recipient_restrictions = hash:/etc/postfix/access,
permit_sasl_authenticated,
permit_tls_clientcerts,
permit_mynetworks,
check_policy_service inet:127.0.0.1:60000
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_destination,
permit
question is: can i drop mail at smtp level if From is same as To and if sender is not authenticated?
at mail headers sender is :
Received: from 59.93.217.133 (unknown [59.93.217.133])
so its not authenticated. I am right ?
Configure SPF and use some spf-checking framework in Postfix (tumgreyspf, postfix-policyd-spf-perl, ...).