On Mon, 11 Mar 1996, Neal Becker wrote:
> Is there any mechanism in exim to help reject forged mail? I believe
> sender_verify only verifies that the sender address exists, not that
> the mail actually is coming from this IP address. Can exim do this (I
> think someone's routing forged mail through our hub!)

How would you propose to check? If you get mail from ph10@???
how can you tell which IP address it "should" come from? Looking in the
DNS gives you three IP addresses which *accept* mail for cus.cam.ac.uk;
it doesn't tell you which systems may legitimately emit such mail.

Indeed, any machine in the world may in some sense legitimately emit
such mail if the human doing it is a legal user of cus.cam.ac.uk. Or if
someone on cus.cam.ac.uk has sent mail to a machine which forwards it.

Furthermore, the mail may go through various MTAs on its way in any
case. They *should* add "Received:" lines, but they may not.

In short, it cannot be done, any more than you can verify that a snail
mail letter signed "Philip Hazel" has come from me without contacting me
and asking.

--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714