"Odhiambo G. Washington" <wash@???> wrote:
> So when wash@??? sends an e-mail to SOME_USER@???, I see
> the following when the e-mail is finally being delivered to
> dropbox@???:
>
>
> 2004-06-03 14:43:11 H=sun.mmic.net [199.166.219.7] U=foobar
> F=<wash@???> \
> rejected RCPT <dropbox@???>: Suspected spoofed sender address. \
> Please use smtp authentication to send e-mail
>
> This is because I have a rule like this:
>
>
> deny message = Suspected spoofed the sender address. Please use \
> smtp authentication to send e-mail.
> !hosts = +relay_from_hosts
> !authenticated = *
> sender_domains = wananchi.com : [62.8.64.4] : [212.49.74.4]
>
>
> I suspect I am wrong here, but I don't like the idea of e-mails having
> @wananchi.com coming from servers other than 62.8.64.4 or 212.49.74.4
> as I have received those severally.
It's doing what you told it - the forwarded mail looks just like a spoofed
mail. It's a mail with a sender in your domain and a recipient in your
domain, coming from a non-internal host.
Peter