Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Spammers able to spoof local addresses

Discussion in 'E-mail Discussion' started by GrizzlyAdams, May 23, 2007.

  1. GrizzlyAdams

    GrizzlyAdams Registered

    Joined:
    Apr 28, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    I keep recieving spam sent to hosted accounts, spoofed from non-existant hosted addresses:

    From: <staff@xxxxxxxx.net>
    To: <sales@xxxxxxxx.net>


    It looks as though the To: is checked for local delivery before the From: is checked for local senders...
    Is there a way to switch the behavior so any messages claiming to be sent from a local address have to authenticate, even when sending to another local address?


    Also, I have strict SPF records set, which only allow my server to relay for the domain. I don't see anything from spam assassin about the SPF failure, but I see plenty of hits from rbl lists on the messages.


    - Grizzly
     
  2. SMG

    SMG Member

    Joined:
    Nov 29, 2003
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    151
    I've been seeing this a LOT lately. This is the only post I could find about this, does anyone know much about it? Basically seeing a lot of instances where someone emails someone@localdomain.com using from/return path/etc as someone@localdomain.com (identical address, local) and it gets through anyway. Shouldn't this require some sort of auth?
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice