Quoting Oded Arbel, from the post of Mon, 19 Jun:
You might want to read up on SPF.
there's also yahoo's initiative of domainkeys, which is pretty neat, if
your SMTP server can implement it.
http://antispam.yahoo.com/domainkeys
http://ietf.org/html.charters/dkim-charter.html
--
Take with a
Ilya Konstantinov wrote:
Elazar Leibovich wrote:
Thanks! That's about the tool I've needed.
But do you have experience with it? Does it has many (any) false
positives? Will it reject many valid clients?
SPF is not about guesswork and false positives. For one, it requires
the active
Is there any automated tool to bounce email not from
the original server? That is, is there a tool that
bounces back emails claiming they're from hostA (their
from:[EMAIL PROTECTED]) however they're really from hostB
(that is, recieved: from hostB...).
This seems a good way to prevent many spam
On Mon, 19 Jun 2006 04:44:25 -0700 (PDT), E Leibovich wrote:
Is there any automated tool to bounce email not from
the original server? That is, is there a tool that
bounces back emails claiming they're from hostA (their
from:[EMAIL PROTECTED]) however they're really from hostB
(that is,
, 2006 2:44 PM
To: linux-il
Subject: Preventing email spoofing
Is there any automated tool to bounce email not from
the original server? That is, is there a tool that
bounces back emails claiming they're from hostA (their
from:[EMAIL PROTECTED]) however they're really from hostB
(that is, recieved: from
--=-RbnXbV2+yK88GJ6KFsTs
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
On Mon, 2006-06-19 at 04:44 -0700, E Leibovich wrote:
Is there any automated tool to bounce email not from
the original server? That is, is there a tool that
bounces back emails claiming they're from hostA
That's very true, I haven't thought of that. Thanks.
Any smarter idea? Maybe I can filter emails coming from my host email
address and then make sure they're not recieved: from unknown source
(spammers has the habbit of including your hostname in the from:
field, so that you'll whitelist them)
The thought-work was already done for you. As Oded said, read about
Sender Policy Framework (SPF). Using a mail server with SPF is about all
you can do; it ain't good news, but trust the smart people who thought
SPF up there isn't a better option.
Elazar Leibovich wrote:
That's very true, I
Thanks! That's about the tool I've needed.
But do you have experience with it? Does it has many (any) false
positives? Will it reject many valid clients?
On 6/19/06, Ilya Konstantinov [EMAIL PROTECTED] wrote:
The thought-work was already done for you. As Oded said, read about
Sender Policy
Elazar Leibovich wrote:
Thanks! That's about the tool I've needed.
But do you have experience with it? Does it has many (any) false
positives? Will it reject many valid clients?
SPF is not about guesswork and false positives. For one, it requires
the active participation of every domain you
On 6/19/06, Ilya Konstantinov [EMAIL PROTECTED] wrote:
Note that SPF is not something reserved for high-profile domains. Every
Nigerian scam domain can deploy SPF and then it'll be verifiable fair
and square. So, no easy way of killing off all those Nigerian scams? You
betcha there isn't.
11 matches
Mail list logo
