On 17 Nov 2005, at 10:06, Roger Håkansson wrote:
> David Woodhouse wrote:
>> That isn't a useful test. If your users send mail to any address
>> elsewhere which is forwarded back to a local user, you'll see
>> perfectly
>> genuine mail coming in from the outside but with your own users'
>> addresses.
>
> I'm aware of that, but its not a problem for me.
We handle that problem by adding a specific header to any local
outgoing mail. Then, we accept the mail if it has that specific
header. It's a very simple header, with no attempt at embedding any
secret - but that'll do until some spammer decides that we're worth
specifically targeting. Then, we'd probably use an MD5 hash of the
sender address, a secret and something time sensitive.
Of course, it does mean that home users HAVE to use our SMTP server
for message submission - so we provide for that with authenticated
SMTP on port 587.
--
Ian Eiloart
Postmaster, University of Sussex
() ascii ribbon campaign - against html mail
/\ - against microsoft attachments
