Dean Clapper wrote: > Is there a way to white list based on the IP using the Received from. > We have whitelisted our local domain but have noticed some that spoof > our domain. However the Received from tag is usually a different IP. > > Is it good practice to whitelist using IP?
whitelist_from is a bad idea for exactly the reason you found. Use whitelist_from_rcvd or whitelist_from_spf instead. -- Bowie
