Re: [exim] Preventing Sender Forgery .

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Alan Hicks
Date:  
À: Marc Perkel
CC: exim-users
Sujet: Re: [exim] Preventing Sender Forgery .

Marc Perkel wrote:
> I disagree. SPF is a broken technology and no one should use it. It does
> nothing to prevent spam and it creates false positives. It breaks email
> forwarding.
>
> The biggest thing you can do you reduce sender forgery is to eliminate
> wildcard domains and reject invalid users at connect time. Forgers like
> to spoof domains that will pass anything when queried with sender
> verification.


SPF works well for the domains I look after, though I do agree that it
is unsuitable where forwarding is needed.

It shouldn't be forgotten that SPF has two aspects, one where you
identify the points where email can be sent from and the second where
this information is used to block incoming mail. If I only used SPF to
block mail I would find that many domains already use SPF and this
removes much spam; as I also have SPF records to identify where mail is
sent from I have found that it completely eliminates spam sent to users
from themselves and has eliminated many of the attacks that I used to
have to deal with.

Best,
Alan

>
> Dan_Mitton@??? wrote:
>> Check out SPF - Sender Policy Framework:
>>
>> http://www.openspf.org/
>>
>> Exim has some configuration options you need to set when you build exim to
>> enable spf.
>>
>> Dan
>>
>>
>>
>> Sent by:        exim-users-bounces@???
>> To:     exim-users@???
>> cc:      (bcc: Dan Mitton/YD/RWDOE)
>> Subject:        [exim] Preventing Sender Forgery .
>> LSN: Not Relevant
>> User Filed as: Not a Record

>>
>> Hi all ,
>>
>> How can I prevent Sender Forgery for my server. Alot of people in my
>> company are getting e-mails from themselves. Any Ideas will be greatly
>> appreciated.
>>
>> Best Regards,
>>
>> Jeremy
>>
>>
>