Spammers able to spoof local addresses

**GrizzlyAdams** · 05-23-2007 10:32 PM

I keep recieving spam sent to hosted accounts, spoofed from non-existant hosted addresses:

From: <staff@xxxxxxxx.net>
To: <sales@xxxxxxxx.net>

It looks as though the To: is checked for local delivery before the From: is checked for local senders...
Is there a way to switch the behavior so any messages claiming to be sent from a local address have to authenticate, even when sending to another local address?

Also, I have strict SPF records set, which only allow my server to relay for the domain. I don't see anything from spam assassin about the SPF failure, but I see plenty of hits from rbl lists on the messages.

- Grizzly

**SMG** · 12-13-2008 05:15 AM

I've been seeing this a LOT lately. This is the only post I could find about this, does anyone know much about it? Basically seeing a lot of instances where someone emails someone@localdomain.com using from/return path/etc as someone@localdomain.com (identical address, local) and it gets through anyway. Shouldn't this require some sort of auth?

LinkBack

Thread Tools

Spammers able to spoof local addresses

Email spoof

Email aliases not delivering to local addresses

exim refusing certain local addresses: lowest numbered MX record points to local host

How can I get a list of local email addresses

ImageMagick can spoof your harddrive!