I think you are forgetting situations like mine, which is probably very common.. my website is co-located at an isp. They also provide me with incoming mail for my email account. All of my DNS stuff says that virtualtrials.com 208.206.10.19 (or something like that:) is the mail server.
Because this mail server is configured correctly, and it won't allow relaying of mail coming from outside of it's network, I can't use it with my cable modem connection as an outgoing mail server, so I use my cable company's outgoing mail server, mail.optonline.net. My mail goes out with a header saying [EMAIL PROTECTED] but if you traced it back it actually comes from an unrelated domain, optonline.net Your system would say it's spam.. but it isn't.. that is just a common way of securing a mail server. IF I had to follow your rules, my ISP would have to allow anyone to relay mail - since many customers are coming from outside the local network. Al At 06:49 AM 11/12/2002 -0500, you wrote: > > ALL mail headers can be forged. Using easily forgeable Received: headers > > for validation is useless. >True, but can they be forged properly is the question. I've caught enough spam >to see that it falls into specific patterns and if I can block half or more of >it because it falls into a pattern of having recognizably forged headers then >it's a good thing. I'm going to rewrite the function to just contain the IP >address checked so that if a machine announces itself as an IP and the IP does >not match the actual IP that sent the mail then it's spam. That's good for >10%-15% of the spam right there. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm
