Re: Avoid not authenticated forged mail

To: debian-isp@lists.debian.org
Subject: Re: Avoid not authenticated forged mail
From: Thomas Goirand <thomas@goirand.fr>
Date: Tue, 22 Dec 2009 23:14:33 +0800
Message-id: <[🔎] 4B30E259.9030603@goirand.fr>
In-reply-to: <[🔎] 763f93c80912220539v9aa9e26wef62da548dfb99a7@mail.gmail.com>
References: <[🔎] 4B30C75E.9090209@pangea.org> <[🔎] 763f93c80912220539v9aa9e26wef62da548dfb99a7@mail.gmail.com>

Yves Junqueira wrote:
> 2009/12/22 Carlos Acedo <carlos@pangea.org>
>> Hi,
>>
>> Once in a while I receive spam "from my own" mail address, many users send mails to themselfs, so what I would like is to allow only authenticated mail to be able to send mails to themselfs. Is that possible?
> 
> Yes. You probably need a mix of strict SPF records in your domain,
> employ SPF checking in your MTA and accept authenticated only SMTP
> deliveries.
> 
> This has the positive side effect of other mail systems being able to
> use these SPF records to check if they people are pretending to be
> you.
> 
> When using SPF, it's also a good idea to use DKIM too.

I do agree that DKIM would solve this issue nicely. Since we implemented
it, this kind of issue are gone. If I may suggest you, you can use
dkimproxy 1.2 that I maintain and that has just been uploaded to SID (it
also works for Lenny out of the box without the need to backport as its
arch indep.).

Thomas

Reply to:

Follow-Ups:
- Re: Avoid not authenticated forged mail
  - From: Carlos Acedo <carlos@pangea.org>

References:
- Avoid not authenticated forged mail
  - From: Carlos Acedo <carlos@pangea.org>
- Re: Avoid not authenticated forged mail
  - From: Yves Junqueira <yves@cetico.org>

Prev by Date: Re: Avoid not authenticated forged mail
Next by Date: Re: Framework for web control panel.
Previous by thread: Re: Avoid not authenticated forged mail
Next by thread: Re: Avoid not authenticated forged mail
Index(es):
- Date
- Thread