On 08/11/2021 08:43, Ansgar Wiechers wrote:
On 2021-11-06 Wietse Venema wrote:
li...@lazygranch.com:
Reply-To: jm84450...@gmail.com
Use header_checks (not body_checks) if you want to block that.
Still, I would be concerned about rejecting legitimate email.
It's true that this can reject legitimate e-mail. However, the abuse of
Gmail Reply-To addresses by spammers/scammers is so rampant (at least in
my experience) that on my personal mail server I decided to reject
everything with a Gmail Reply-To except for whitelisted addresses.
Thanks for raising this. I tested how it might have worked for us, going
back 9 months. We see this abuse, but all attempts over that period have
been blocked by our existing spam-prevention tools. Whitelisting a
handful of 'From:' addresses could have avoided false positives
(applying hindsight), but - for us at least - the strategy would appear
to add nothing except a risk of future fps. YMMV, of course.
