--On 15 November 2008 13:21:28 -0500 Troy Settle <troy@???> wrote:
>
> Peter Bowyer wrote:
>> 2008/11/13 David Chait <David.Chait@???>:
>>
>>> All,
>>>
>>> I have been looking for an ACL to effectively restrict
>>> incoming mail claiming to be from my own domain to only a specific set
>>> of Ips that I own, and drop all other spammers/imposters, how would I go
>>> about formulating this?
>>>
>>
>> deny message = Go away, forger
>> sender_domains = +list_of_my_domains
>> !hosts = +list_of_my_hosts
>>
>>
>
> Be careful with this though. There are legitimate reasons for mail from
> your domain(s) to originate from outside of your own network. PayPal,
> Ebay, Criaigslist, and others will send/forward legitimate messages with
> 'forged' credentials. Not saying it is right for them to do so, but it
> happens nonetheless.
We do something similar to this, but before rejecting the email, we test
for the presence of a header that we've added. That allows forwarded email
to return to use. We absolutely forbid other sites to originate email in
our domain, and we wish that other sites would follow suit. There's
absolutely no way that spam will ever stop if this practice is allowed to
persist.
>
> --
> Troy Settle
> Pulaski Networks
> 866.477.5638
>
--
Ian Eiloart
IT Services, University of Sussex
x3148