On 29.07.16 15:50, Bill Cole wrote: > > > is there any chance that a whitelisted IP address [...] could > > > have been spoofed? > > > > Yes. Search for "IP address spoofing" in the search engine of your > > choice and you will find what you are looking for. > > By that standard, we are ruled by a disguised race of alien > lizard-people. (Really, Google it...)
Roger's question was clear. "Is there any chance that a whitelisted IP address [...] could have been spoofed?". The answer is yes. Based on the information available, everybody can make up his/her own mind about how feasible this attack vector is, about the potential value of their respective IT infrastructure as a target, and about the potential damage inflicted. For myself and my customers, I don't rely on IP addresses, but use strong encryption and authentication, as many others here on this list are likely to do to a similar degree. In any case, this subject is better suited for a networking related mailing list then it is for the Postfix ML. -Ralph
