[Greylist-users] Possible Enhancements

Deke Clinger dclinger at qualcomm.com
Mon Jan 24 19:05:31 PST 2005

On Mon, 24 Jan 2005, Jason 'XenoPhage' Frisvold wrote:

> James J Dempsey wrote:
> >There are lots of spam where the from: field lists a valid user on a valid
> >host with a valid MX record.  It just happens to be someone whose name has
> >been hijacked for this purpose, not the actual spammer.  This is often
> >called a Joe-job.
> >
> >
> Yeah..  But the general rule of thumb is that you don't trust the From:
> address..  So..  The only way to accomplish this would be to use the IP
> address of the incoming connection.  Reverse lookup, MX, and callback..
> Might be a bit much, but theoretically it shouldn't be a frequent
> operation.  Once a mailserver has "proven" itself, there's no need to
> look it up again...

If I'm only allowed to send mail with a From: address in the exact domain that
my IP resolves to that's going to break all kinds of stuff: hosted services,
masqueraded subdomains, etc.


More information about the Greylist-users mailing list