Hello,

What I was hoping for, as someone who does bother checking, was to find a solution that would help me avoid receiving spoofed e-mails, because as I mentioned multiple times, SPF, DKIM, and DMARC are not able to do that. I am looking for a way to detect that an e-mail is spoofed. Any way.

Now, for sure users who do not want to bother to check will always receive spoofed e-mails easily, so how about users who do want to check? What solution that works is out there? What can you actually do to prevent receiving spoofed e-mails?

One of the solutions that I proposed is an optional SA plugin that would treat the email found in the "From:" header as the envelope sender and check against that, raising the score or doing something if it failed. That would obviously work and block hackers from spoofing, but as you said, it would also break some other stuff, like mailing lists for instance, so you deemed this solution evil and something that should never be done on any mail server, even if that mail server was used only by people who don't care about mailing lists at all.

So is there actually any other solution? That is what I am looking for, and that is why I started this thread.

Thank you

On 10/15/16 19:59, Ralph Seichter wrote:
> On 15.10.16 17:33, Petr Bena wrote:
>
>> I started this discussion stating the fact that SPF, DKIM and DMARC
>> don't prevent people from being able to spoof your email address.
> These mechanisms are not meant to prevent spoofing (and they can't),
> just to make it easier to detect spoofing on the receiving end. If the
> receiver does not bother checking, decides against checking, or simply
> is incapable of checking, the sender can jump through all sorts of hoops
> and it won't help. And it might all fall to pieces anyway, based on what
> the MUA displays.
>
> I'm not sure I understand what type of discussion you hope to nurture by
> stating that A does not prevent B when A was not designed to prevent B.
>
> -Ralph
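The check proposed in the message above, sketched as an added example (not code from the thread or from SpamAssassin): SPF is evaluated once for the SMTP envelope sender and once for the domain in the "From:" header, which shows both the spoof it catches and the mailing-list delivery it also fails. The `SPF` table, domain names and IP addresses are constructed stand-ins for DNS lookups, and only `ip4:` and `all` mechanisms are handled.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed SPF records standing in for DNS TXT lookups (documentation IP ranges).
SPF = {
    "example.org": "v=spf1 ip4:192.0.2.0/24 -all",
    "lists.example.net": "v=spf1 ip4:198.51.100.0/24 -all",
    "attacker.example": "v=spf1 ip4:203.0.113.0/24 -all",
}

def spf_check(domain, client_ip):
    """Evaluate only ip4: mechanisms and the 'all' term of a constructed record."""
    record = SPF.get(domain.lower())
    if record is None:
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:]):
            return "pass"
        if term.endswith("all"):
            return {"-": "fail", "~": "softfail", "?": "neutral"}.get(term[0], "pass")
    return "neutral"

def domain_of(address):
    """Domain part of an address such as 'Alice <alice@example.org>'."""
    return parseaddr(address)[1].rpartition("@")[2]

def evaluate(raw_message, mail_from, client_ip):
    """Return (SPF result for the envelope sender, SPF result for the From: domain)."""
    msg = message_from_string(raw_message)
    envelope = spf_check(domain_of(mail_from), client_ip)
    header = spf_check(domain_of(msg["From"]), client_ip)
    return envelope, header

# Constructed deliveries: (raw message, SMTP MAIL FROM, connecting IP).
DIRECT = ("From: Alice <alice@example.org>\nSubject: hi\n\nbody\n",
          "alice@example.org", "192.0.2.10")
SPOOFED = ("From: Alice <alice@example.org>\nSubject: invoice\n\nbody\n",
           "bounce@attacker.example", "203.0.113.5")
VIA_LIST = ("From: Alice <alice@example.org>\nList-Id: <users.lists.example.net>\n\nbody\n",
            "users-bounces@lists.example.net", "198.51.100.7")

if __name__ == "__main__":
    for name, sample in (("direct", DIRECT), ("spoofed", SPOOFED), ("via list", VIA_LIST)):
        print(name, evaluate(*sample))
```

The spoofed message and the list-relayed message produce the same pair of results, so a score based on the header-domain check alone cannot tell them apart.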