You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by smeevil <in...@govannon.nl> on 2007/07/18 08:52:19 UTC
Catch all addresses and failure/undeliverable notification messages
Hello all,
I am looking for some advice regarding the following issue :
I have some domains which are using a catch all address.
On these addresses I get a lot of undeliverable / failure notices which are
theoretically legit.
Though they originate from spams spoofing the domains which makes those
messages spam in practice.
I am hoping any of you would know a solution to filter these message while
retaining the legit ones.
So far the only "solution" I can come up with is stop using catch all
address which in some cases is not feasible.
Thank you for your time :)
Gerard.
--
View this message in context: http://www.nabble.com/Catch-all-addresses-and-failure-undeliverable-notification-messages-tf4101428.html#a11663462
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
RE: Catch all addresses and failure/undeliverable notification messages
Posted by Dan Barker <db...@visioncomm.net>.
What you create by having a catch-all address domain, is an EXCELLENT
resource for spammers. They will use your domain as a FROM in their
spoofing spew. Any [misguided but popular] email software doing the [DDoS
enabling] "sender address verification" will pass the sender as legit, when
indeed it is not.
There are many ways to program around a catchall policy, and I encourage you
to find one. Maybe someone on the list can even help. Tell us, why do you
<think> you need a catchall?
hth
Dan
-----Original Message-----
From: smeevil [mailto:info@govannon.nl]
Sent: Wednesday, July 18, 2007 2:52 AM
To: users@spamassassin.apache.org
Subject: Catch all addresses and failure/undeliverable notification messages
Hello all,
I am looking for some advice regarding the following issue :
I have some domains which are using a catch all address.
On these addresses I get a lot of undeliverable / failure notices which are
theoretically legit.
Though they originate from spams spoofing the domains which makes those
messages spam in practice.
I am hoping any of you would know a solution to filter these message while
retaining the legit ones.
So far the only "solution" I can come up with is stop using catch all
address which in some cases is not feasible.
Thank you for your time :)
Gerard.
--
View this message in context:
http://www.nabble.com/Catch-all-addresses-and-failure-undeliverable-notifica
tion-messages-tf4101428.html#a11663462
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.