How to detect forged From and Reply-to addresses from your
own domain
Mark Sapiro
mark at msapiro.net
Sun Mar 7 18:03:08 GMT 2010
On 11:59 AM, Mogens Melander wrote:
>
> On Sat, March 6, 2010 18:19, Mark Sapiro wrote:
[...]
>>
>> For drawbacks to Jules' suggestion (possibly to the whole idea),
>> consider the following:
>>
>> You are my employer.
>>
>> I set up a pop3 or imap account on my MUA at home to access my work mail.
>>
>> My ISP redirects all port 25 connects to its own servers so even if I
>> know what I'm doing, I can't use your MTA for my outgoing mail for this
>> account.
>>
>> Now, all my replies from home to my co-workers will be seen as spam
>> because they are From: my work address, but the sending MTA is my home ISP.
>>
>> The same problem exists if SPF is used.
>
> In that case, either bitch at your ISP, or set up a web-mail.
>
> I've been using squirrelmail for years for the same reasons.
And Alex Neuman wrote:
>
> That would be why I always enable 587 (MSA) with auth, or 465 (SMTPS)
> on my MTA's.
I understand all those things, but that is not my point. I am not a
typical user. Typical users in most environments don't understand those
things.
What do you say when the PHB is on the phone and wants to know why *his*
boss is saying he didn't receive the monthly status report that the PHB
knows he emailed from home the evening before it was due.
And yes, even this can possibly be avoided with sufficient
documentation, training and support, but this is a cost that should be
factored in.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the MailScanner
mailing list