On Fri, 16 Jan 2004, John A. Stewart wrote:
> Allowing authenticated connections (only) on an alternate port is also a good
> idea because some service providers force their customers to send mail
> via their own mail server by blocking outgoing connections to port 25.
> VPN is overkill in my view
On Fri, 2004-01-16 at 12:30, Joseph Brennan wrote:
> > Sender Permitted From (http://spf.pobox.com/)is designed to authenticate
> > who is allowed to send mail for a domain.
>
>
> I wonder if this can take off, in the face of so many people who
> have grown accustomed to sending legit mail with a
[EMAIL PROTECTED] writes:
>
> [EMAIL PROTECTED] wrote on 01/16/2004 12:30:33
> PM:
> > I wonder if this can take off, in the face of so many people who
> > have grown accustomed to sending legit mail with a sender address
> > that has no relation to the account and domain they are using to
> > se
At 10:00 AM 1/16/2004, [EMAIL PROTECTED] wrote:
As it's been said elsewhere, it won't take off until some of the biggies
adopt it - AOL, Yahoo, MSN. Then it might catch on.
Actually, AOL is already posting SPF records, at least on an experimental
basis. (They turned it off over the weekend, then
As for your vanity domain, you should be in control of the DNS entries
and you would add your ISP's mail server.
This would only work if I know what ISP I am sending from. That's
why I used the hotel room example.
For your Columbia.edu
address, you would probably need to find a way to deliver
On Fri, 16 Jan 2004, Joseph Brennan wrote:
> I wonder if this can take off, in the face of so many people who
> have grown accustomed to sending legit mail with a sender address
> that has no relation to the account and domain they are using to
> send the mail. Like my columbia.edu address when I
[EMAIL PROTECTED] wrote on 01/16/2004 12:30:33
PM:
> I wonder if this can take off, in the face of so many people who
> have grown accustomed to sending legit mail with a sender address
> that has no relation to the account and domain they are using to
> send the mail. Like my columbia.edu addres
Thanks.
I misunderstood but got straightened out.
> Our incoming mail is directed TO our MX servers. Our outgoing mail
> is sent FROM from our other mail servers. I dont think this is an
> unusual configuration. Your idea would block mail from us and, IMO,
> from other legit senders.
>
> I belie
Sender Permitted From (http://spf.pobox.com/)is designed to authenticate
who is allowed to send mail for a domain.
I wonder if this can take off, in the face of so many people who
have grown accustomed to sending legit mail with a sender address
that has no relation to the account and domain the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 13 Jan 2004 at 00:46 -0700, Lucas Albers at [EMAIL PROTECTED] said:
> I remember someone posting mx code, to verify mail from a domain came from
> the mx servers for the domain, but can't find it on the archive.
> Could someone post a link on
[EMAIL PROTECTED] wrote on 01/16/2004 08:55:41
AM:
>
> > I remember someone posting mx code, to verify mail from a domain came
from
> > the mx servers for the domain, but can't find it on the archive.
>
> Mail from our domain doesn't come from the mx servers. They handle
> inbound mail. Outg
I remember someone posting mx code, to verify mail from a domain came from
the mx servers for the domain, but can't find it on the archive.
Mail from our domain doesn't come from the mx servers. They handle
inbound mail. Outgoing mail comes from the outgoing mail servers.
Goodbye from half the '
OTECTED]>
> Sent: Tuesday, January 13, 2004 12:43 PM
> Subject: Re: [Mimedefang] rejecting on helo,drive-by-relay,forged_sender,
>
>
> > Chris Myers said:
> > >
> > > Some ISP's don't bother to set up reverse DNS for their customers so
> > > $R
- Original Message -
From: "Lucas Albers" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 13, 2004 12:43 PM
Subject: Re: [Mimedefang] rejecting on helo,drive-by-relay,forged_sender,
> Chris Myers said:
> >
> > Some ISP's do
Chris Myers said:
>
> Some ISP's don't bother to set up reverse DNS for their customers so
> $RelayHost will never match $helo... Sad but true.
>
> Chris
You would expect them to use mx hosts with at least reverse dns.
If AOL accepts only with reverse DNS.
Couldn't you argue the generally accepte
- Original Message -
From: "Lucas Albers" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 13, 2004 1:46 AM
Subject: [Mimedefang] rejecting on helo,drive-by-relay,forged_sender,
> I've been playing around with rejecting on helo/name/ip m
I've been playing around with rejecting on helo/name/ip matching.
If domain of helo and $hostname don't match and machine is a just an ip
address, reject the email.
A further refinement would be to check the mx servers for the listed $helo
domain and if the ip address matches the mx record for the
17 matches
Mail list logo
