Author: Ian Eiloart Date: To: Jethro R Binks, Exim Users Mailing List Subject: Re: [exim] Blocking non-authenticated senders
--On 22 February 2007 12:26:02 +0000 Jethro R Binks
<jethro.binks@???> wrote:
> On Wed, 21 Feb 2007, Peter Velan wrote:
>
>> -- One message was triggered from a news website, where one user
>> informed about an interesting article. The email-system of this website
>> placed the email-address of the informing guy in envelope-from.
>
> The last time I thought about this setting, which would have been around
> 2000 or so, it was quite common for "greetings card" sites and similar to
> do this too. They were quite in-vogue at the time, I've no idea about
> now. As a general comment, there are probably many other cases that you
> haven't observed, so:
>
>> Conclusion: Its not worth the hassle!
>
> I agree with that conclusion, and one benefit of your investigation
> provides the Exim users archives with a more recent discussion on the
> matter.
>
>
I disagree. We don't allow incoming, unauthenticated email with sender
addresses in our domain - unless they carry a header that's been added by
our outbound servers. Some secure solutions have been proposed, but we use
something very simple. I'll move to a secure solution if it should ever
become necessary.
The policy caused some consternation at first, but our users soon learned
to use our MSA servers to send email. We don't really care about greeting
card sites, and the few other sites that do similar such stupid things have
simply been told to use their own email domains to send email.
The benefit has been that we can now deliver internal email into virtually
spam free mailboxes. The only 'internal' spam that I get is for postmaster,
and the odd warning of attempts to spam our Mailman lists. Of course, that
benefit is only a benefit because we're an organisation that uses a lot of
internal email.
