2

I have a forwarding rule with Postfix that forwards all messages to my main email address.

When a spam message is sent to one of my emails, it is forwarded but the sender is shown as being the forwarding domain, not the spammer's domain.

Real example:

mywebsite.com is hosted on Linode.

admin@spammer.cn sends an email to info@mywebsite.com

the mail is forwarded to myemail@anotherwebsite.com

my email hosting (anotherwebsite.com) sees it's spam and sends a message to abuse@linode.com and Linode reports a TOS violation.

I have modified my postfix settings so I now use RBL, but if a message goes through, it may happen again.

How can I prevent this to happen again? Is there some settings to change on Postfix so the original sender is correctly identified?

Thanks Stephan

EDIT: The steps I did to prevent this to happen again are:

  • Add RBL checking to Postfix
  • Add postgrey to Postfix
  • And finally fix the MX record which was incorrect.

I checked with a test email on Spamcop.net and the original sender is correctly identified.

Stephan Burlot
  • 121
  • 2

2 Answers2

1

The solution is not to forward the mail.

mailq
  • 17,023
  • 2
  • 37
  • 69
1

You need to tell anotherwebsite.com about the forwarding so they can add it to their list of "trusted domains".

Read this: http://wiki.apache.org/spamassassin/TrustPath and http://wiki.apache.org/spamassassin/TrustedRelays (particularly TrustedRelays is very clear)

The issue is, they don't know that your linode isn't the source of the spam. Everything past the first untrusted host could be lies inserted by the spammer - which is why spam handling software ignores every Received header other than the ones it knows were added by hosts under the control of, or trusted by, the final destination.

If they won't do it for you - then sorry, mailq is right. Don't do that.

Bron Gondwana
  • 1,738
  • 3
  • 12
  • 15