Jeroen van Aart wrote:
>>> How can I prevent Sender Forgery for my server. Alot of people in my
>>> company are getting e-mails from themselves. Any Ideas will be greatly
>>> appreciated.
>>>
>> Only allow local domains to be used on authenticated SMTP sessions on
>> the submission port. I'm doing this here since a long time with no
>
> You can't really stop forging the From: that way.
You can. In DATA acl:
deny message = Not allowed without SMTP AUTH
condition = ${if match_domain{${domain:$h_From:}}{+local_domains}}
!authenticated = *
> Neither will SPF stop
> forging email headers. Nothing really will, except a total redesign of
> the smtp protocol or a totally new protocol.
DKIM could stop people forging your domain in headers to a certain
extent. People need to start using it more first though.
> Grey listing and other spam filtering techniques will help a lot. Since
> emails with forged headers almost solely are from spammers you will
> block many forged emails that way.
Aye.
Mike
