OT: SA rule to detect forged gmail traffic.

Eduardo Casarero ecasarero at gmail.com
Thu May 28 20:32:48 IST 2009

I'm researching and trying to write an SA rule to detect forged gmail
traffic, does anyone has anything done like this?

i was thinking in some message id structure, and the precense of DKIM data.

any advice would be aprecciated,


PD: cant block for invalid spf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090528/3a483461/attachment.html

More information about the MailScanner mailing list