----- Original Message ----- From: "Jonas Pasche" <[EMAIL PROTECTED]> To: "vpopmail" <[EMAIL PROTECTED]> Sent: Sunday, March 09, 2003 9:31 PM Subject: Re: [vchkpw] smtp filter proxy
> Hi Jesse, > > > > > If I don't allow email to come into my network with forged FROM > > > > headers(or even forged envelope sender headers if they're relevent) > > > > > > Here's already an error in your idea - you can't reliably see if a > > > sender address is forged, and therefore: > > > > But I can. It's simple: > > > > (If the user is NOT on one of my network IPs, OR, if the user has not > > POPed before sending SMTP, ) AND the incoming email contains one of my > > internal domains in the FROM (envelope or header), then it's bogus. > > > > Is there a problem with that? > > No. Have you read my posting completely? > > Just quoting myself: > > JP> You cleary said that your filtering rule applies to mail that uses one > JP> of your domains (or these of your customers) as the From address. Thus > JP> your definition of a forged sender is: "Every mail with a sender address > JP> using one of my domains, but not relayed through our mail server". That > JP> might a more or less proper check (personally, I'd say: less), but > JP> doesn't match the vast majority of mails with forged sender addresses: > > It's just that - the test isn't really stupid, it just doesn't match > nearly any mail because spam mails don't have one of your domains as > their forged From address in nearly all cases. IMHO, it simply isn't > worth the work, but feel free to implement it anyway. Let it write a log > to see how many spam mails it really catches, and don't forget to check > it for regular mail blocked by this rule, thus causing trouble for your > customers. Well, of coarse it won't match many spam emails! However, it fulfills a purpose. It guarantees that mail I recieve or that my customers recieve claiming to be from one of my internal domains really IS from one of my internal domains. That is incredibly valuable. It reduces customer confusion and increases security a bit. It also does some other things for me that I'll decline to mention. Anyway, I just wanted to see if my idea was plausable, and to make sure I wasn't missing anything. I think you've helped me determine that what I want to accomplish can indeed be accomplished the way I want. Also, you gave me some ideas that will probably help in implementation (qmail-queue). Thanks for reading and replying. Jesse > > Jonas > > > >
