[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Avoid not authenticated forged mail

Yves Junqueira wrote:
> 2009/12/22 Carlos Acedo <carlos@pangea.org>
>> Hi,
>> Once in a while I receive spam "from my own" mail address, many users send mails to themselfs, so what I would like is to allow only authenticated mail to be able to send mails to themselfs. Is that possible?
> Yes. You probably need a mix of strict SPF records in your domain,
> employ SPF checking in your MTA and accept authenticated only SMTP
> deliveries.
> This has the positive side effect of other mail systems being able to
> use these SPF records to check if they people are pretending to be
> you.
> When using SPF, it's also a good idea to use DKIM too.

I do agree that DKIM would solve this issue nicely. Since we implemented
it, this kind of issue are gone. If I may suggest you, you can use
dkimproxy 1.2 that I maintain and that has just been uploaded to SID (it
also works for Lenny out of the box without the need to backport as its
arch indep.).


Reply to: