Jim Ramsay <[EMAIL PROTECTED]> writes: > Fail: the message does not meet a domain's definition of legitimacy. > MTAs MAY reject the message using a permanent failure reply code. > (Code 550 is RECOMMENDED. See RFC2821 [11] section 7.1)
As a practical matter though, I don't expect many sites to allow such a message through, and just add a ``here look, this message is a forgery!'' stamp to it. > MAY is not MUST - so this may come through sometimes, depending on > the SMTP implementation, in which case I think TMDA SHOULD drop it. True, so we should document this because the possibility exists. BTW, are you just using 'headers' or 'headers-file' in your incoming filter to implement SPF checking? Also, I am already doing a crude SPF-like thing in Postfix. If the message is from [EMAIL PROTECTED], the connection must also be from hotmail.com, or I reject it. I do this for all of the common mail providers like yahoo.*, aol.com, etc. This has been 100% effective for me and reduced my spam influx tremendously. It's not as elegant as SPF of course because it doesn't accommodate sites which relay mail from a server in a different domain, and the list of domains to check must be hardcoded. _________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
