Re: Avoid not authenticated forged mail
Yves Junqueira wrote:
> 2009/12/22 Carlos Acedo <carlos@pangea.org>
>> Hi,
>>
>> Once in a while I receive spam "from my own" mail address, many users send mails to themselfs, so what I would like is to allow only authenticated mail to be able to send mails to themselfs. Is that possible?
>
> Yes. You probably need a mix of strict SPF records in your domain,
> employ SPF checking in your MTA and accept authenticated only SMTP
> deliveries.
>
> This has the positive side effect of other mail systems being able to
> use these SPF records to check if they people are pretending to be
> you.
>
> When using SPF, it's also a good idea to use DKIM too.
I do agree that DKIM would solve this issue nicely. Since we implemented
it, this kind of issue are gone. If I may suggest you, you can use
dkimproxy 1.2 that I maintain and that has just been uploaded to SID (it
also works for Lenny out of the box without the need to backport as its
arch indep.).
Thomas
Reply to: