The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spammers able to spoof local addresses

Discussion in 'E-mail Discussions' started by GrizzlyAdams, May 23, 2007.

  1. GrizzlyAdams

    GrizzlyAdams Registered

    Joined:
    Apr 28, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I keep recieving spam sent to hosted accounts, spoofed from non-existant hosted addresses:

    From: <staff@xxxxxxxx.net>
    To: <sales@xxxxxxxx.net>


    It looks as though the To: is checked for local delivery before the From: is checked for local senders...
    Is there a way to switch the behavior so any messages claiming to be sent from a local address have to authenticate, even when sending to another local address?


    Also, I have strict SPF records set, which only allow my server to relay for the domain. I don't see anything from spam assassin about the SPF failure, but I see plenty of hits from rbl lists on the messages.


    - Grizzly
     
  2. SMG

    SMG Member

    Joined:
    Nov 29, 2003
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    I've been seeing this a LOT lately. This is the only post I could find about this, does anyone know much about it? Basically seeing a lot of instances where someone emails someone@localdomain.com using from/return path/etc as someone@localdomain.com (identical address, local) and it gets through anyway. Shouldn't this require some sort of auth?
     
Loading...

Share This Page