On Wed, 26 Jun 2002, Olivier Nicole wrote: > I wonder how it happened actually. Only way would be that the machine > with 216.139.180.4 connected to your mail server and started the > dialog with HELO and your own mailserver name.
I think that would actually give (for sendmail) the "apparently from" line. The only time you don't get that, is if the DNS actually matches the HELO. > say that in real life I only accept connection from machine with valid > DNS and reverse DNS. - You'd be suprised how many people deliver email via IP addresses whose reverse they don't control (dialup, but worse, cable modems into offices etc etc( - Machines with multiple IP addresses. For instance Linux takes the "nearest" IP for outgoing connections on the INADDR_ANY bind. It might not be the address in your DNS. - Sometimes the outgoing address used also depends on which IP address was added last to the kernel. I ran for a few hours with the forward has to match reverse address, and then realised this was just not possible. That's why I don't see the use of a such a mechanism for SA. However, remote machines claiming to be me are rare and I can always justify dropping that email, though I'll agree that such a thing is better done at the MTA level. It's just that I don't have access to that :) Paul -- "Movie scripts no longer write, George Lucas shall" ------------------------------------------------------- This sf.net email is sponsored by: Jabber Inc. Don't miss the IM event of the season | Special offer for OSDN members! JabConf 2002, Aug. 20-22, Keystone, CO http://www.jabberconf.com/osdn _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
