Hi,
On 10/14/2015 06:08 PM, Dianne Skoll wrote:
On Wed, 14 Oct 2015 17:51:23 -0400
Alex <mysqlstud...@gmail.com> wrote:
I'd like to make sure incoming mail that appears to be "From:" one of
our internal users has indeed gone through one of the systems
specified in the SPF record, resulting in an SPF_PASS.
Can't be done. SPF looks at the envelope sender (what end-users know
as the Return-Path:) and not at all at the From: header.
Yes, I realize SPF is only concerned with the envelope-sender. I was
thinking it would be possible to somehow correlate the SPF_PASS with a
rule that analyzes the From: header and use that to compare?
Thanks,
Alex
You can do what you're trying to do with DKIM, though, and reject mail
claiming to be from your domain (in the From: header) that has an invalid
or no DKIM signature.
If you can't install DKIM software on your Exchange server, you can use
your Linux box as a smarthost and have the Linux box sign outbound
mail from the Exchange server.
Of course, internal mail won't ever leave the Exchange server and will thus
lack a DKIM signature, but that shouldn't be a problem... just check DKIM
on the MX hosts and not Exchange.
Regards,
Dianne.
