> Why not use the HELO or REVDNS? REVDNS is going to be the safest
> because of the difficulty in forging it

Not always... if the domain has a hard-fail SPF record that isn't
*itself* dependent on forgeable records (only uses IPs and forward DNS
entries), then the MAILFROM can't successfully impersonate the
protected domain (the envelope sender can still be trivially crafted,
of course, but the mail will be rejected).

However, in the case under discussion, declude.com's SPF record
depends on the forgeable PTR, so in this case the SPF isn't any
stronger protection than REVDNS itself.

I would hesitate to say that there's any "difficulty" forging the PTR
as part of a targeted attack.

@ Ben, the MAILFROM for list messages uses the format
declude.junkmail-your_verp...@declude.com, so there is a consistent
SMTP (RFC 821) envelope sender to filter on.

-- Sandy
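
Added example, not part of the original message: a static check that tells a hard-fail SPF record built only from IPs and forward DNS apart from one that leans on reverse DNS. The function name audit_spf and the sample records are constructed for illustration, and no DNS lookups are performed.

```python
import re

# %{p} expands to the validated PTR name of the connecting IP, so any
# term using it inherits the weakness of reverse DNS.
PTR_MACRO = re.compile(r"%\{p[^}]*\}", re.I)
# Terms that hand the decision to another record or lookup; the record
# they point at has to be audited as well.
DELEGATING = {"include", "redirect", "exists"}

def audit_spf(record):
    """Classify one SPF TXT string (hypothetical helper, offline only)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    result = {"hard_fail": False, "ptr_dependent": [], "needs_review": []}
    for term in terms[1:]:
        low = term.lower()
        if low == "-all":
            result["hard_fail"] = True
        # Drop the qualifier, then take the mechanism/modifier name.
        name = re.split(r"[:/=]", low.lstrip("+-~?"), maxsplit=1)[0]
        if name == "ptr" or PTR_MACRO.search(term):
            result["ptr_dependent"].append(term)
        elif name in DELEGATING:
            result["needs_review"].append(term)
    # True only for the case described above: -all, with nothing but
    # IP and forward-DNS (a, mx) mechanisms in front of it.
    result["ip_and_forward_dns_only"] = (
        result["hard_fail"]
        and not result["ptr_dependent"]
        and not result["needs_review"]
    )
    return result

# Constructed sample records (documentation address space and names).
SAMPLES = {
    "forward_only": "v=spf1 ip4:192.0.2.0/24 a mx -all",
    "ptr_based": "v=spf1 ptr:example.com -all",
    "mixed": "v=spf1 ip4:192.0.2.10 exists:%{p}.allow.example.net "
             "include:_spf.example.org ~all",
}

if __name__ == "__main__":
    for label, rec in SAMPLES.items():
        print(label, audit_spf(rec))
```
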

