OT: SA rule to detect forged gmail traffic.

[Eduardo Casarero]

I'm researching and trying to write an SA rule to detect forged gmail
traffic, does anyone has anything done like this?

i was thinking in some message id structure, and the precense of DKIM data.

any advice would be aprecciated,

eduardo.

PD: cant block for invalid spf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090528/3a483461/attachment.html