Preventing email abuse is a very complex issue. One small piece of this is strengthening identity in email to give receivers a better idea of who is really sending mail. This is not the same thing as strong identity technologies such as GPG or S/MIME signing.
There are two major technologies for domain level forgery protection that are at some reasonable level of deployment. Sender Policy Framework (SPF - http://www.openspf.org) works to protect the message envelope. Domain Keys (DK) and Domain Keys Identified Mail (DKIM) are cryptographic methods designed to protect the body of messages from spoofing. DK is the original approach published by (and still used by) Yahoo!. DKIM is the version standardized by the IETF and has been more broadly adopted. There is a lot of complexity buried in these two technologies and I'm not going to try and explain them here. The purpose of this message is to let you know they are both supported in Ubuntu Server. With both of these, there is more than one way to do it. I'll mention here the packages that I think are the most well developed today for use with Postfix (the standard MTA for Ubuntu). For SPF, python-policyd-spf is available for Feisty and Gutsy in the regular release and for Dapper, Edgy, Feisty, and Gutsy in backports. The released version of Postfix will work just fine with this package for all the releases. https://launchpad.net/ubuntu/+source/pypolicyd-spf For DKIM, the dkim-filter (dkim-milter) package works well in my experience. It is available for Gutsy in the regular release and in backports for Dapper, Feisty, and Gutsy. For Dapper, use of the Postfix in backports is required. For Feisty, the released Postfix will work, but using the later version in backports is strongly recommended if you are going to run a milter. https://launchpad.net/ubuntu/+source/dkim-milter All of this is either in Universe or in Backports, so none of it is officially supported by Canonical. Scott K -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
