On Tue, 2011-01-11 at 15:33 -0500, Adam Moffett wrote:
> Right, it's kind of difficult to fake your source IP in a TCP session.
> But if I read the manual correctly the whitelist_from_rcvd that he's
> asking about does lookups on hosts in the "Received-from: " headers in
> the message.....which would be trivial to fake.
The IP of the handing-over host and its rDNS (which is used here) in
that Received header must be added by the receiving SMTP. Usually your
MX, and trusted. If it fakes headers, you should not trust it... ;)
SA does not do a DNS lookup itself for whitelist_from_rcvd.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
