forged From:

Plant, Dean dean.plant at ROKE.CO.UK
Thu Jul 17 10:02:53 IST 2003

Instead of whitelisting, would it be better to use a ruleset for enabling spamchecks only for your domain? Then a forged From: would not be missed.

Spam Checks = /etc/MailScanner/rules/spam.check.rules

To:      *   yes
FromOrTo:    default    no

Dean Plant

-----Original Message-----
From: Spicer, Kevin [mailto:Kevin.Spicer at BMRB.CO.UK]
Sent: 16 July 2003 15:08
Subject: Re: forged From:

Rob V wrote:
> Has Anyone got a way to block or detect a forged From: address.
> I am getting spam sent to us with forged From (they are putting that
> the mail is from someone at our domain)
> Since we do not scan our own domain these messages are getting in no
> problem. Any help or suggested would be appreciated.

You should not whitelist your own domains by their domain name, instead you should whitelist trusted internal servers by IP, or your IP address blocks.

BMRB International
+44 (0)20 8566 5000
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material.  If you have received this in error, please contact the
sender and delete this message immediately.  Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited.  BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our

Registered Office: Roke Manor Research Ltd, Siemens House, Oldbury, Bracknell,
Berkshire. RG12 8FZ

The information contained in this e-mail and any attachments is confidential to
Roke Manor Research Ltd and must not be passed to any third party without
permission. This communication is for information only and shall not create or
change any contractual relationship.

More information about the MailScanner mailing list