> Let's say that the SPF record for futuresource.com says that the > allowed relay is mail.futuresource.com. This means that mail coming > from mail.futuresource.com (as the relay) is legitimate and that all > other mail is likely to be forged. Now, why would > mail.futuresource.com allow someone to spoof the envelope sender from > its own domain? For example, my mail server has been configured to > check all envelope sender addresses which are from local domains. > Therefore, I can't send a message with an envelope sender of > [EMAIL PROTECTED] If SPF was widely adopted, these two > measures would effectively stop forgery of all wiktel.com addresses.
Do you also check [EMAIL PROTECTED] What about people sending email themselves but receiving through your MX? What about people that have access through another company with one of your domains but they arent using your mailserver with authentication? What about receiving email from [EMAIL PROTECTED] from a mailserver that isnt listed as being from AOL, to a valid customer of yours? Cor _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
