Email address spoofing

Alex Neuman van der Hans alex at
Thu Oct 2 17:23:20 IST 2008

Short answer: NO. You can't stop people from *trying* to spoof you.

Long answer: You need to discourage people from spoofing you, and to  
discourage others from accepting spoofed messages.

To do this, you need to do three things:

1. Let the world know that messages from you should only come from a  
certain set of IP addresses. See for more info.
2. Force the use of authentication in order to use your mail servers  
as a gateway. You don't want your own computers to "spoof" you when  
infected by trojans and such.
3. Use a milter such as milter-null, which signs each outgoing  
message, so that bounces that did not originate from your server are  
not received. Leverage this with MailScanner's "Watermark" feature so  
that your server doesn't accept or deliver spoofed messages.

On Oct 2, 2008, at 11:06 AM, Maxime Gaudreault wrote:

> Is there anything to do against email address spoofing ?

More information about the MailScanner mailing list