On 10/29/2009 11:40 AM, Brian Evans - Postfix List wrote:
Darek M wrote:
I'm unsure of what the typical procedure is on this, and didn't find
anything useful in a web search, but wouldn't it make sense to run SPF
on the header From as well? Is that something Postfix could be set to
do? What about triggering some action if the header and envelope From
are different?
If you did this, you could not read this message either. The message
header is From you, but the envelope sender is not.
A more sensible way is to use a policy server, such as policyd-weight or
policyd, to write/use rules to check client vs envelope sender.
A policy server wouldn't help much because the envelope sender
is either gmail or a (probably legit, hijacked) gmail-hosted
domain.
Blocking these requires content inspection. Clamav with the
Sanesecurity add-on signatures will catch most of these,
SpamAssassin usually catches the rest.
-- Noel Jones
