On 18.03.08 12:17, Glenn Terjesen wrote: > Thanks for reply but we cant use any of these plugins: > > whitelist_from_dkim, whitelist_from_spf, whitelist_from_dk, > whitelist_auth > > Because our users and our customers users send from smarthosts all over > the world wich don't have spf or dk or sends via exs internet providers > mta.
It's quite bad when users from whole world can send mail through any SMTP server, using your domain in from address, just because you make all these checks impossible. Note that SPF and DKIM were created to fight e-mail forgery, while this setup makes forgery very easy. You should set up SMTP authentication and start requiring users to send mail through your server, if they want to use your domain in from address. THEN, you can easily set up SPF and/or DKIM and filter all forgeries. -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Posli tento mail 100 svojim znamim - nech vidia aky si idiot Send this email to 100 your friends - let them see what an idiot you are
