Matthew D. Fuller a écrit : > On Wed, Jul 29, 2009 at 03:03:43PM +0100 I heard the voice of > Clunk Werclick, and lo! it spake thus: >> My apologies for the terse caveat. As I understand it, there are >> some external mail services that roaming users may use that forward >> mail into your Postfix claiming to be from your domain. Myself I do >> not use this. > > The problem doesn't come from what you use, but from what any of your > users may somewhere use. > > Imagine you are example.com, and have two users, a...@example.com, and > b...@example.com. a...@example.com sends mail to b...@someother.domain (which > you don't control, and know nothing about, short of looking up its MX > record and sending the mail on its way). But b...@someother.domain is > just a forwarder and forwards the mail on to b...@example.com. That > forwarder won't (and quite probably _shouldn't_) change the envelope > sender. Suddenly, you have mail from "outside", with an envelope > sender that's you, but is perfectly legitimate. And pretty common. > > If you know all your users and know none of them do any such thing, > filtering it works great. But if you're not absolutely sure, you > could be setting out landmines. > >
Most sites should no more care about this "issue", in these days of SASL and/or SPF...
