On 2007-02-09, Tim Rice <[EMAIL PROTECTED]> wrote: > Agreed. I stopped whitelisting the entire domain years ago. > But I do have all the valid user accounts in a company wide whitelist > and a cron job that maintains it.
A few questions: 1) How many addresses are in the "valid user accounts" whitelist? 2) Is it a small number of valid addresses that are being forged over and over again, or is it many different addresses? If it's a small number of addresses and the number of valid users is high, I'd guess that the spammer is just guessing and getting lucky. I'm not sure how to deal with this. I can imagine TMDA working just file without matching against the Reply-To: address (maybe I'm wrong about this, though). On the other hand, I can't even imagine how TMDA could possibly work if it wasn't able to match valid addresses against the From: address. Lots of legitimate email comes with a different envelope address and From: address. You really want TMDA to match against the From: address, and not exclusively against the envelope address. I don't know why matching against the Reply-To: is required. So I could see an argument for adding a switch to TMDA that turns off this matching. But I may just be missing something important. _________________________________________________ tmda-workers mailing list ([email protected]) http://tmda.net/lists/listinfo/tmda-workers
