>can this be solved in some way
No, I'm sorry - but if your 'workaround' with the blacklisting works, all
is fine.
>and to be honest this is a need as we got mails from legitimate sources
>sometimes that are spoofed.
This is what I meaned, the mail flow logic - how can it be, that a local
address has to connect to assp form outside! And even if this is required,
why is this user not forced to authenticate?
Anders, don't answer the question, it will change nothing. What you want
to do is not possible in the spoofing configuration.
There are many ways to build clear and clean mail environments, even for
external employees, web pages ..... like VPN, client certificates
(supported by assp for SMTP!), stunnel ......
There is possibly an option that can help you. I mean SPF, but this will
only work with hostnames or fixed IP's. Define a SPF record for the domain
- this can be done in DNS or possibly better in assp and force SPF to be
used strict for this domain.
Thomas
Von: anders.wes...@dometic.com
An: For Users of ASSP <assp-user@lists.sourceforge.net>
Datum: 17.02.2016 16:22
Betreff: Re: [Assp-user] Spoofing question
Hi Thomas
Sorry I was not clear enough.
We are using ASSP as a spam filter and we have scoring active for spoofing
but sometimes when the score doesn´t reach the limit to be spam classified
spoofed mail get through
and to be honest this is a need as we got mails from legitimate sources
sometimes that are spoofed.
What my problem is someone is sending (with a spoofed address) so it seems
to be sent from our main economic controller to other persons in our
organisation
that he wants to do a economic transaction, and he will call later to
confirm the details
so I want to hard block his address from outside but his mailflow should
not be affected to/from other external addresses
can this be solved in some way
MVH/Regards
__________________________________________________
Anders Westin
From: Thomas Eckardt <thomas.ecka...@thockar.com>
To: For Users of ASSP <assp-user@lists.sourceforge.net>
Date: 2016-02-17 15:46
Subject: Re: [Assp-user] Spoofing question
If I understand it right, you want to score spoofing for all, but block
for one (or a list of) address.
This is not possible.
>mymailaddr...@localdomain.com=>*@localdomain.com
I'm astonished that this works :)
The real reason for your problem is (if I read your post right), that you
use assp not only for what it is made.
- assp is a spam filter
- assp is NOT an enduser connector - means, under not a single
circumstance, an enduser should ever directly connect to assp
How ever, if endusers are connecting to assp directly - authentication has
to be used (PLAIN and LOGIN with SSL or STARTTLS)!
Thomas
Von: anders.wes...@dometic.com
An: assp-user@lists.sourceforge.net
Datum: 17.02.2016 13:28
Betreff: [Assp-user] Spoofing question
Hi All
I need an advice
I want exclusively block a email address from external that is a local
address (prevent spoofing hard on one local address)
but this mailaddress must still work from the inside and any body else
must be able to mail to this address from outside
I have today spoofing active in score mode so all local domain from
external got a score, but this is not enough this address must be totally
blocked
I think I manage to solve by doing like this in "Blacklisted Addresses and
Domains" but is this the "right" way to do it or is it a better way to
solve this?
mymailaddr...@localdomain.com=>*@localdomain.com
MVH/Regards
__________________________________________________
Anders Westin
_________________________________________________________________________________________________________________________________________________
NOTICE: This email and any attachments are for the sole use of the
intended recipient(s) and may contain confidential and privileged
information.
Any unauthorized review, use, disclosure or distribution is prohibited.
If you are not the intended recipient, please notify the sender by reply
email and destroy the original message.
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
_________________________________________________________________________________________________________________________________________________
NOTICE: This email and any attachments are for the sole use of the
intended recipient(s) and may contain confidential and privileged
information.
Any unauthorized review, use, disclosure or distribution is prohibited.
If you are not the intended recipient, please notify the sender by reply
email and destroy the original message.
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
