Re: [Exim] blocking fake yahoo and hotmail

Pàgina inicial
Delete this message
Reply to this message
Autor: Suresh Ramasubramanian
Data:  
A: Giuliano Gavazzi
CC: Rossz Vamos-Wentworth, exim-users
Assumpte: Re: [Exim] blocking fake yahoo and hotmail
Giuliano Gavazzi writes on 11/21/2003 3:12 AM:

> 2) more importantly, one can set his return address to a valid
> yahoo/hotmail address but use his own ISP SMTP server to send mail.
> You would reject these messages. This is not too common, but how
> uncommon is it?


That is not a problem. Where your approach fails is .forwards where
your user has (say) a mail.com / bigfoot / shell account pointing to his
account on your domain. Someone from hotmail mails him on that shell
account.

> A safer approach is, independently from the sender domain, check the
> HELO argument, if it contains (yahoo|hotmail)\.com check the reverse
> DNS, if the reverse does not contain the same string, defer it. Use


If HELO yahoo.com comes from an IP with non yahoo rDNS, DENY - don't
waste time deferring it.

    srs