Sendmail: How do I stop people from faking the from address (eg: support@paypal.com)

Hi,

I have recently been getting a few fraudulent accounts which simple upload a spam script and send out a paypal spoof. Now they usually put the from/return address as support@paypal.com. How can i block emails from going out if this address matchs?

I have read about a few posible ways:

Use /etc/mail/access to reject mail using "FROM:paypal.com reject" (but think this only works with incoming mail)

create a custom rule using sendmail.mc:

LOCAL_CONFIG
#
# Regular expression to reject:
# * numeric-only localparts from aol.com and msn.com
# * localparts starting with a digit from juno.com
#
Kcheckaddress regex -a@MATCH
^(*<@(paypal|ebay)\.com

LOCAL_RULESETS
SLocal_check_mail
# check address against various regex checks
R$* $: $>Parse0 $>3 $1
R$+ $: $(checkaddress $1 $)
R@MATCH $#error $: "553 Header error"

 

 

 

 

Top