Re: [exim] Help with dropping spam e-mail.

Top Page

Reply to this message
Author: Jasen Betts
To: exim-users
Subject: Re: [exim] Help with dropping spam e-mail.
On 2018-05-15, Mike Brudenell via Exim-users <exim-users@???> wrote:
> On Mon, 14 May 2018 at 11:32, Jasen Betts via Exim-users <
> exim-users@???> wrote:
>> On 2018-05-14, Mark Elkins via Exim-users <exim-users@???> wrote:
>> > Someone is using "please@???" as the source of spam e-mail. The
>> > address does not exist...
>> step 0: publish an SPF record.
> Umm… This would help authenticate *outgoing* mail, but from the sound of it
> (here and in a later message) Mark is seeing *incoming* Non-Delivery
> Reports coming back *into* his <please@???> address. So an SPF
> record isn't likely to help block these as his domain won't be in the
> RFC5321.MailFrom address or the HELO string (used, if memory serves, when
> the RFC5321.MailFrom is <> such as for Non-Delivery Reports).

An SPF should make it harder to generate backscatter, hopefully most
systems that are opportunistically attempting to forward email are
at-least checking SPF.

> You're perhaps looking at BATV

BATV only works if you can rewrite the envelope sender of all messages from the