Is it a good idea to validate that the MAIL FROM address is the same as the From: header in the message?
What exceptions need to be made, if any? What problems might I encounter if I were to do this?

I ask because I have a client who is currently getting spammed viciously by spammers who use one address in MAIL FROM (to pass SPF tests) and the sender's email address in the From: header so they can get whitelist scoring by SpamAssassin. It's pretty clever. I'm contemplating writing a plugin that would validate that they are the same.

Pointers to RFCs, previous implementations, similar ideas, and further reading are welcome.

Another way to solve part of this problem is that if MAIL FROM contains a local domain, reject it unless relay_client is set and the local user exists.

If the To header exists, shouldn't that also be validated against RCPT TO?

Matt

Matt Simerson - http://matt.simerson.net/
Systems Engineer - http://www.tnpi.net/
Mail::Toaster - http://mail-toaster.org/
NicTool - http://www.nictool.com/
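The policy Matt sketches (compare MAIL FROM with the From: header, and refuse a local domain in MAIL FROM unless the client is a relay client and the mailbox exists), written out as a stand-alone Python function with the exceptions a practitioner has to carry. This is an added example, not code from the original post and not any mail server's plugin API; the local domain set, the user list, the exempt-domain allowlist, the `relay_client` argument and the sample messages are all constructed assumptions.

```python
"""Envelope-sender vs. From:-header policy check (constructed example)."""
import email
from email import policy
from email.utils import parseaddr

# Constructed sample configuration: domains this server hosts and the mailboxes
# that exist on it. A real deployment would look these up in its user database.
LOCAL_DOMAINS = {"example.com"}
LOCAL_USERS = {"alice@example.com", "bob@example.com"}

# Envelope domains that legitimately rewrite MAIL FROM: mailing-list software sends
# from its own bounce address while From: stays the original author, and forwarders
# (SRS) rewrite the envelope too. Exempting by envelope domain is safer than trusting
# a List-Id or Sender header, which any sender can add. Constructed value.
ENVELOPE_EXEMPT_DOMAINS = {"lists.example.org"}


def _normalize(addr):
    """Lower-case and trim an address; local parts are compared case-insensitively in practice."""
    return addr.strip().lower()


def _domain(addr):
    """Domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""


def check_sender(mail_from, raw_message, relay_client=False):
    """Return ("OK", reason) or ("DENY", reason) for one message.

    mail_from    -- the SMTP envelope sender (MAIL FROM), '' for the null sender
    raw_message  -- the message headers and body as received (DATA)
    relay_client -- True when the connection is authenticated / allowed to relay
    """
    envelope = _normalize(mail_from)

    # 1. Null sender: bounces and DSNs always carry an empty MAIL FROM. There is
    #    nothing to compare, and rejecting them would break bounce handling.
    if envelope == "":
        return ("OK", "null sender (bounce); header comparison skipped")

    # 2. Local domain in MAIL FROM: only a relay client may claim it, and only for
    #    a mailbox that actually exists.
    if _domain(envelope) in LOCAL_DOMAINS:
        if not relay_client:
            return ("DENY", "local domain in MAIL FROM from a non-relay client")
        if envelope not in LOCAL_USERS:
            return ("DENY", "local domain in MAIL FROM but the user does not exist")

    # 3. Known lists and forwarders rewrite the envelope on purpose; skip the
    #    comparison for them instead of bouncing their traffic.
    if _domain(envelope) in ENVELOPE_EXEMPT_DOMAINS:
        return ("OK", "envelope domain exempt from header comparison")

    # 4. Compare the envelope sender with the address in the From: header.
    msg = email.message_from_string(raw_message, policy=policy.default)
    header_from = _normalize(parseaddr(str(msg.get("From", "")))[1])
    if header_from == "":
        return ("OK", "no parsable From: header; nothing to compare")
    if header_from != envelope:
        return ("DENY", f"MAIL FROM <{envelope}> does not match From: <{header_from}>")
    return ("OK", "envelope sender and From: header agree")


# Constructed sample messages.
SAMPLE_SPOOFED = (
    "From: Alice <alice@example.com>\r\n"
    "To: bob@example.com\r\n"
    "Subject: hi\r\n"
    "\r\n"
    "body\r\n"
)
SAMPLE_LIST = "From: someone@elsewhere.example\r\nSubject: list post\r\n\r\nhi\r\n"


def run_demo():
    """Exercise the policy on the cases discussed in the post; returns (label, verdict) pairs."""
    cases = [
        ("spoofed From:, foreign envelope", "bounce@spammer.example", SAMPLE_SPOOFED, False),
        ("local MAIL FROM, not relay", "alice@example.com", SAMPLE_SPOOFED, False),
        ("local MAIL FROM, relay, user exists", "alice@example.com", SAMPLE_SPOOFED, True),
        ("local MAIL FROM, relay, no such user", "nobody@example.com", SAMPLE_SPOOFED, True),
        ("mailing list traffic", "list-bounces@lists.example.org", SAMPLE_LIST, False),
        ("bounce (null sender)", "", SAMPLE_SPOOFED, False),
    ]
    return [(label, check_sender(mf, raw, rc)) for label, mf, raw, rc in cases]


if __name__ == "__main__":
    for label, (verdict, reason) in run_demo():
        print(f"{verdict:4} {label}: {reason}")
```

The first case is the pattern described in the post (foreign MAIL FROM that passes SPF, local address in From:) and is the one this check catches. The exemption list exists because mailing lists and forwarders produce exactly the same mismatch legitimately, so an exact-match rule with no exceptions will reject list mail and forwarded mail; the same applies to users who send with their local address through another provider's server, which rule 2 rejects unless they relay through this host.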