Ian Mitchell wrote: > HELO junkmail.com > MAIL FROM: <[EMAIL PROTECTED]> > RCTP TO: <[EMAIL PROTECTED]> > DATA > From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > ...
And presumably your server adds Return-Path: [EMAIL PROTECTED] > Now what's the advantage of the above? It appears to come from the > receiver thus allowing it to be filtered on appropriately. Now as > long as the email doesn't break too many of the litterally thousands > of other rules, it will make it through an appear to be legitimate > (at least on the side of the server). > > No email from my domain either in the plain text name portion or the > actual sender email address should orgininate outside my domain's SPF > record. Any suggestions for hunting and destroying these emails? I work on a site that has an "email this to a friend" feature... the above is more or less EXACTLY how I implement that. How would you suggest I do it so that you could send something to yourself? Or someone else could send something to you? HELO myserver.mydomain.example.com MAIL FROM: <[EMAIL PROTECTED]> RCPT TO: <[EMAIL PROTECTED]> DATA From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> Sender: <[EMAIL PROTECTED]> And your server adds Return-Path: [EMAIL PROTECTED] My SPF record does include myserver.mydomain.example.com -- Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer _______________________________________________ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
