Spam with fake address from the list?
Ian Smith
smithi at nimnet.asn.au
Thu Dec 16 14:15:37 UTC 2010
Re: freebsd-questions Digest, Vol 341, Issue 6, Message: 27
On Thu, 16 Dec 2010 11:44:09 +0000 Bruce Cran <bruce at cran.org.uk> wrote:
> On Thu, 16 Dec 2010 12:40:35 +0100
> Michelle Konzack <bsd4michelle at tamay-dogan.net> wrote:
>
> > does someone get this kind of spam too?
>
> Yes, lots of people have been getting that for a few months.
> parklogic claim there's not anything they can do about it despite it
> apparently coming from their servers.
If you researched the mob running parklogic, I suspect you'd tend to
give any claims they may make scant credence, to say the very least.
These forged messages were blocked inbound to the FreeBSD mailservers in
August, but continue to be sent individually to participants harvested
from messages posted to this list, and likely will continue to be.
Since this is becoming a FAQ:
To date all of these forged messages contain the following mail headers:
> Return-Path: <anonymous at dusk.parklogic.com>
> Received: from dusk.parklogic.com (allmail.0b2.net [64.38.11.26])
Having your mailserver refuse connections from IP address 64.38.11.26 or
domain 0b2.net, or envelopes sent by parklogic.com, definitively solves
this problem. In sendmail /etc/mail/access syntax, use any or all of:
From:parklogic.com REJECT
Connect:64.38.11.26 REJECT
Connect:0b2.net REJECT
For those without control over their inbound mailserver, try to block or
filter mail based on those Return-Path: or Received: headers above, or
on the Message-ID: header which has always contained 'parklogic.com':
> Message-ID: <20101110202251.16589.qmail at dusk.parklogic.com>
And don't forget to wash your hands after flushing :)
cheers, Ian
More information about the freebsd-questions
mailing list