Hi!
I gotta think this isn't gonna happen... but anyone know if it can? If so, I'm not going to enable AWL on my server.
You're asking the right questions. To the best of my knowledge, this has already been addressed. What goes in the AWL isn't just the raw email address, it's the email address plus the first two octets of the source IP address. For someone to successfully attack this way, the attacker would need a legal IP address in the same class B network as the legitimate sender. If sent from a different network, the +1000 user would show up in a different AWL entry than the legitimate sender.
We turned off AWL; we had a customer that forwarded two spam messages to our helpdesk, and the third, normal message never came in, since his AWL beat him...
For us it didn't work out.
Bye, Raymond.
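An added illustration, not part of the original thread and not the AWL implementation's own code: a simplified Python model of the keying described above (sender address plus the first two octets of the source IP) and of the forwarded-spam effect reported in the last message. The mean-pull formula, the factor 0.5, the threshold 5.0, the key string layout, and all addresses and scores are assumptions constructed for this example.

```python
# Simplified model of the auto-whitelist (AWL) behaviour discussed in this thread.
# Assumptions: factor 0.5, threshold 5.0; all addresses and scores are constructed.
FACTOR = 0.5
THRESHOLD = 5.0


def awl_key(sender, ip):
    """Entry key: sender address plus the first two octets of the source IP."""
    a, b = ip.split(".")[:2]
    return f"{sender.lower()}|ip={a}.{b}"


class AWL:
    def __init__(self):
        self.entries = {}  # key -> (message count, total of raw scores)

    def score(self, sender, ip, raw):
        """Return the AWL-adjusted score, then record the raw score in history."""
        key = awl_key(sender, ip)
        count, total = self.entries.get(key, (0, 0.0))
        final = raw
        if count:
            mean = total / count
            final = raw + (mean - raw) * FACTOR  # pull toward the sender's mean
        self.entries[key] = (count + 1, total + raw)
        return final


def forwarded_spam_case():
    """Customer forwards two spam samples, then sends a normal message."""
    awl = AWL()
    for raw in (20.0, 20.0):
        awl.score("customer@example.com", "192.0.2.10", raw)
    return awl.score("customer@example.com", "192.0.2.10", 0.5)


def forged_sender_case():
    """The same address forged from another /16 does not share the history."""
    awl = AWL()
    awl.score("alice@example.com", "192.0.2.10", 0.2)
    awl.score("alice@example.com", "198.51.100.7", 30.0)  # forged, other network
    return awl.score("alice@example.com", "192.0.2.99", 0.2), len(awl.entries)


if __name__ == "__main__":
    print(forwarded_spam_case(), forwarded_spam_case() > THRESHOLD)
    print(forged_sender_case())
```

In this model the normal third message ends up above the threshold because of the sender's own history, while the forged message from a different network creates a second entry and leaves the legitimate sender's score unchanged.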