Sam Varshavchik <[EMAIL PROTECTED]> wrote: > There's nothing a mail server can do to physically prevent a given mail > client from using any return address. The theoretically closest that > comes to that is requiring all mail clients to use authentication, and > restricting the From: header to match the authenticated sender's > identity; but that in no way stops the mail client from being > configured to use a different mail server.
A receiving MTA could use SPF[1] (Senders Permitted From), DMP[2] (Designated Mailers Protocol), the "RMX DNS RR Type for light weight sender authentication"[3], or similar methods to verify that the sending MTA has been authorized by a domain's owner to send mail "from" that domain. But every receiving MTA may as well decide not to perform such a verification. [1] http://spf.pobox.com [2] http://www.pan-am.ca/dmp/ [3] http://www.danisch.de/work/security/antispam.html ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
