On Sun, 2007-04-15 at 13:12 +0100, Alan Hicks wrote:
> Tommy Phipps wrote:
> > Our company is receiving spoofed emails using our domain name along
> with
> > many combinations of user names.
> >
> > I'm wondering if Exim can be set up to detect these spoofed messages
> to keep
> > them from being passed to Exchange.
> >
> > Thanks in advance for your help.
> >
> > Tommy Phipps
>
> Yes, I'm using the experimental Sender Policy Framework and it works
> well for this scenario. I used to get spoofed mail for most of the
> domains I manage. Now they are stopped when they say who they are
> sending as.
Yes, but unfortunately SPF blocks _valid_ mail too. But let's not repeat
that debate again. The facts are obvious enough to anyone who actually
thinks about it for a while.
http://david.woodhou.se/why-not-spf.html
--
dwmw2