How to detect forged From and Reply-to addresses from your own domain

Jason Ede J.Ede at
Wed Mar 10 13:50:54 GMT 2010

> -----Original Message-----
> From: mailscanner-bounces at [mailto:mailscanner-
> bounces at] On Behalf Of Mark Sapiro
> Sent: 06 March 2010 17:20
> To: MailScanner discussion
> Cc: Daniel Straka
> Subject: Re: How to detect forged From and Reply-to addresses from your
> own domain
> On 11:59 AM, Daniel Straka wrote:
> > Jules,
> >
> > This is working quite well on the MailScanner server that only
> > receives messages. What might be the drawbacks to leaving this rule
> > in place? I haven't seen any FP's yet and it's marked a thousand
> > messages as spam already. If there's not really any drawbacks...would
> > there be a similar rule for a MailScanner server that receives and
> > sends mail for our domain?
> For drawbacks to Jules' suggestion (possibly to the whole idea),
> consider the following:
> You are my employer.
> I set up a pop3 or imap account on my MUA at home to access my work
> mail.
> My ISP redirects all port 25 connects to its own servers so even if I
> know what I'm doing, I can't use your MTA for my outgoing mail for this
> account.

In that case set up your mail server to accept authenticated traffic on port 587 and use that for sending email


> Now, all my replies from home to my co-workers will be seen as spam
> because they are From: my work address, but the sending MTA is my home
> ISP.
> The same problem exists if SPF is used.
> --
> Mark Sapiro <mark at>        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> --
> MailScanner mailing list
> mailscanner at
> Before posting, read
> Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list