[Greylist-users] Possible Enhancements
dclinger at qualcomm.com
Mon Jan 24 19:05:31 PST 2005
On Mon, 24 Jan 2005, Jason 'XenoPhage' Frisvold wrote:
> James J Dempsey wrote:
> >There are lots of spam where the from: field lists a valid user on a valid
> >host with a valid MX record. It just happens to be someone whose name has
> >been hijacked for this purpose, not the actual spammer. This is often
> >called a Joe-job.
> Yeah.. But the general rule of thumb is that you don't trust the From:
> address.. So.. The only way to accomplish this would be to use the IP
> address of the incoming connection. Reverse lookup, MX, and callback..
> Might be a bit much, but theoretically it shouldn't be a frequent
> operation. Once a mailserver has "proven" itself, there's no need to
> look it up again...
If I'm only allowed to send mail with a From: address in the exact domain that
my IP resolves to that's going to break all kinds of stuff: hosted services,
masqueraded subdomains, etc.
More information about the Greylist-users