Virus on the list
Matthias Andree
matthias.andree at gmx.de
Sat Oct 30 04:35:22 CEST 2004
David Relson <relson at osagesoftware.com> writes:
> The mail server is running postfix, procmail, and mailman. Either
> mailman is vulnerable to spoofed addresses or it's configured wrong.
Mailman, just like almost any mail software, is "vulnerable" to spoofed
addresses - the reason is that mail is not authenticated.
> If anybody has suggestions on hardening the delivery environment to
> avoid this happening again, feel free to contact me.
Lock down what can be sent as attachment so that mailman at least strips
out the malware. (content filters)
It is also possible for your Postfix to reject mails with your own
envelope sender that originate outside of your networks and apply
several other checks.
This is a bit hairy if you mail while on the road, you need an SSH or
VPN tunnel so you can mail locally, or perhaps SMTP AUTH (SASL).
--
Matthias Andree
More information about the Bogofilter
mailing list