On ons 28 jul 2010 17:37:51 CEST, Jeff Mincy wrote
meta __TRUSTED_NETWORKS (NO_RELAYS || ALL_TRUSTED)
header __LOCAL_SENDER From =~ /\...@mydomain\.com/i
that can and will be forged in its own, to solve:
header __LOCAL_SENDER Return-Path:addr =~ /\...@mydomain\.com/i
mta newer sets or add from: thats why return-path is more safe here
for that rule
meta FORGED_LOCAL_SENDER (__LOCAL_SENDER && !__TRUSTED_NETWORKS)
score FORGED_LOCAL_SENDER 0.1
meta VALID_LOCAL_SENDER (__LOCAL_SENDER && __TRUSTED_NETWORKS)
score VALID_LOCAL_SENDER -0.1
or simply add spf or dkim on recipient domain will also solve the
forges attempts
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html