> Why not use the HELO or REVDNS? REVDNS is going to be the safest > because of the difficulty in forging it
Not always... if the domain has a hard-fail SPF record that isn't *itself* dependent on forgeable records (only uses IPs and forward DNS entries), then the MAILFROM can't successfully impersonate the protected domain (the envelope sender can still be trivially crafted, of course, but the mail will be rejected). However, in the case under discussion, declude.com's SPF record depends on the forgeable PTR, so in this case the SPF isn't any stronger protection than REVDNS itself. I would hesitate to say that there's any "difficulty" forging the PTR as part of a targeted attack. @ Ben, the MAILFROM for list messages uses the format declude.junkmail-your_verp...@declude.com, so there is a consistent SMTP (RFC 821) emvelope sender to filter on. -- Sandy --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
