thevoices

Member
Feb 16, 2006
11
0
151
I have found a particular nasty bug,

Environment: Catch-too/Default enabled

Customer has a Max Email of say 50 an hour

"Spammer" spoofs their email address as "customesdomain.com and sends to real or nonexistant [email protected]. The server tries to deliver it but treats the message as valid and marks 1 against the hourly. Even the "Spammer" didnt use customers server as smtp.


Before enabling Default; it returns "sender verified failed" in logs but after accepts it.

Has anyone found a way to only allow valid "from" or someone way that the customer isnt dinged for some poser infected with the newest and greatest worm/virus.

-tv
 

Bash

Member
May 7, 2005
22
0
151
Do you have the full headers of the spam email that was sent? I have awhole bunch of servers with accounts and their emails are set to 200 per hour in order to prevent massive intentional spamming. Please post the full headers and I will take a look to see if this is the case. I personally have not had any complaints like this.

-Bash