>I was basing it on the mail headers. Basically what your mail server reports
>itself as to my mailserver. I've since found that my assumptions were not
>100% correct.
ALL mail headers can be forged. Using easily forgeable Received: headers for validation is useless.

Here are the checks your MTA/MX can perform:

1. For IP of sending MTA
   a. require PTR record (avoid, too many false positives)
   b. require the PTR hostname and that hostname's A record match. Mostly reliable for detecting forgeries of frequently-forged @sender.domains, including your own (if you do your DNS correctly). Find a list of 4000+ frequently forged domains at monkeys.com with A + PTR matching.
2. Helo/ehlo
   a. helo/ehlo command required
   b. helo/ehlo hostname required and/or be a FQDN (avoid, too many false positives)
   c. filter for "trick" hostnames
3. MAIL FROM:<[EMAIL PROTECTED]>
   a. require FQDN for sender.domain
   b. require that sender.domain have A and/or MX records

Len
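The checks listed in the reply above, sketched as an added example that is not part of the original post. DNS answers come from constructed in-memory tables instead of a live resolver; the function names, the sample addresses, and the reading of "trick" hostnames as the receiver's own name, IP or localhost are assumptions.

```python
import re

# Constructed DNS data standing in for a live resolver (documentation IPs and domains).
PTR = {"192.0.2.10": "mx1.example.org", "192.0.2.66": "mail.example.net"}
A = {"mx1.example.org": {"192.0.2.10"}, "mail.example.net": {"198.51.100.5"},
     "example.com": {"203.0.113.7"}}
MX = {"example.org": ["mx1.example.org"]}
# Assumption: "trick" HELO names are the receiver's own identity or localhost.
OWN_NAMES = {"mx.receiver.example", "203.0.113.25", "localhost"}

FQDN = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)

def ptr_matches_a(ip):
    """Check 1b: a PTR hostname exists and its A record points back to ip."""
    host = PTR.get(ip)
    return host is not None and ip in A.get(host, set())

def helo_acceptable(helo):
    """Check 2a plus the 'trick' hostname filter: HELO given and not posing as us."""
    if not helo:
        return False
    return helo.strip("[]").lower() not in OWN_NAMES

def sender_domain_resolves(mail_from):
    """Checks 3a/3b: sender domain is an FQDN with an A and/or MX record."""
    address = mail_from.strip("<>")
    if address == "":
        return True  # null reverse-path (bounces) carries no domain to check
    domain = address.rpartition("@")[2].lower()
    if not FQDN.match(domain):
        return False
    return domain in A or domain in MX

def failed_checks(ip, helo, mail_from):
    """Return the names of the checks this SMTP session fails, in order."""
    results = [("ptr_a_match", ptr_matches_a(ip)),
               ("helo", helo_acceptable(helo)),
               ("sender_domain", sender_domain_resolves(mail_from))]
    return [name for name, ok in results if not ok]
```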