Re: [exim] stopping spam with forged from:

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M+\Evgeniy Berdnikov at <-
MMMSebastian Nielsen at ->
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] stopping spam with forged from:
Am 25.05.22 um 17:20 schrieb Evgeniy Berdnikov via Exim-users:
> On Wed, May 25, 2022 at 08:38:32AM -0600, Chad Leigh Shire.Net LLC via Exim-users wrote:
>> What is the best strategy to combat and right out reject mail that
>> has the from: and the recipient address the same? Or alternately to
>> force things like SPF checking against the from: in addition to the
>> envelope-sender? (Not sure if that is a good idea — will it mess up
>> legit email from mail processors etc )
> Such a mail may be a test message that user sent to its own address.
> So blind comparison of From: and To: is not a good idea, especially taking
> into accout that To: can contain several destination addresses and
> may be used as Cc: field to keep own copy of outgoing mail.
>
> Take a look at DMARC.
but, a valid user would use SMTP-Auth which the spammer won't use.

so the test:  ( From == To || From in To || From in CC )  &&
SMTP-AUTH==FALSE  would be a valid methode IMHO.

It ofcourse requires the use of amtp-auth, but that should be enabled
anyway or the server will become or is an open relay for anyone.

best regards,
Marius

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] stopping spam with forged from:Re: [exim] stopping spam with forged from:->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)