>Can't spammers bypass this check >by just faking a real domain name > in the FROM: field, something like > s...@gmail.com<mailto:s...@gmail.com>?
That's the name that has to resolve. Remember that only the stuff in the envelope part of the SMTP transaction matters. This cuts off one trivial abuse vector. This check is only a first line of defense - you need defense in depth, as Rick pointed out, but it's a first step on that journey, and easy to implement without a lot of work. IBM should probably note it more prominently in the release notes for this HMC code level. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
