How to detect forged From and Reply-to addresses from your own
domain
Mogens Melander
mogens at fumlersoft.dk
Sat Mar 6 18:07:38 GMT 2010
On Sat, March 6, 2010 18:19, Mark Sapiro wrote:
> On 11:59 AM, Daniel Straka wrote:
>> Jules,
>>
>> This is working quite well on the MailScanner server that only
>> receives messages. What might be the drawbacks to leaving this rule
>> in place? I haven't seen any FP's yet and it's marked a thousand
>> messages as spam already. If there's not really any drawbacks...would
>> there be a similar rule for a MailScanner server that receives and
>> sends mail for our domain?
>
>
> For drawbacks to Jules' suggestion (possibly to the whole idea),
> consider the following:
>
> You are my employer.
>
> I set up a pop3 or imap account on my MUA at home to access my work mail.
>
> My ISP redirects all port 25 connects to its own servers so even if I
> know what I'm doing, I can't use your MTA for my outgoing mail for this
> account.
>
> Now, all my replies from home to my co-workers will be seen as spam
> because they are From: my work address, but the sending MTA is my home ISP.
>
> The same problem exists if SPF is used.
>
> --
> Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
In that case, either bitch at your ISP, or set up a web-mail.
I've been using squirrelmail for years for the same reasons.
--
Later
Mogens Melander
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list