develooper Front page | perl.qpsmtpd | Postings from June 2012

validating from

From: Matt Simerson
Date: June 2, 2012 10:30
Subject: validating from
Message ID: ECAC0DC9-EA98-4469-ABCD-BAAD2F0940B4@tnpi.net

Is it a good idea to validate that the MAIL FROM address is the same as the From: header in the message?

What exceptions need to be made, if any?

What problems might I encounter if I were to do this?

I ask because I have a client who is currently getting spammed viciously by spammers who use one address in MAIL FROM (to pass SPF tests) and they use the sender's email address in the From: header so they can get whitelist scoring by SpamAssassin. It's pretty clever.

I'm contemplating writing a plugin that would validate that they are the same. Pointers to RFCs, previous implementations, similar ideas, and further reading are welcome.

Another way to solve part of this problem is that if MAIL FROM contains a local domain, reject it unless relay_client is set and the local user exists. 

If the To header exists, shouldn't that also be validated against RCPT TO? 

Matt

`````````````````````````````````````````````````````````````````````````
  Matt Simerson                   http://matt.simerson.net/
  Systems Engineer            http://www.tnpi.net/

  Mail::Toaster  - http://mail-toaster.org/
  NicTool          - http://www.nictool.com/
`````````````````````````````````````````````````````````````````````````
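
The two checks described in this message, sketched in Python as an added example (not part of the original post and not qpsmtpd plugin code); the function names, verdict strings and sample messages are assumptions made for illustration. It classifies rather than rejects, so the effect on bounces and mailing-list mail is visible before any policy is chosen.

```python
from email import message_from_string
from email.utils import getaddresses

def split_addr(addr):
    """Return (local, domain) lower-cased, or None for <> or junk.
    Comparing the local part case-insensitively is this example's assumption."""
    local, sep, domain = addr.strip().strip("<>").rpartition("@")
    return (local.lower(), domain.lower()) if sep and local and domain else None

def check_sender(mail_from, raw_message, local_domains=(), local_users=(),
                 relay_client=False):
    """Classify one message. Verdict strings are this example's own names."""
    env = split_addr(mail_from)
    if env is None:
        return "no-envelope-address"      # MAIL FROM:<> is used by bounces
    if env[1] in local_domains:
        # Second idea in the post: a local-domain sender must be a relay
        # client and an existing local user.
        if not (relay_client and "@".join(env) in local_users):
            return "local-sender-not-allowed"
    from_headers = message_from_string(raw_message).get_all("From", [])
    addrs = [a for _, a in getaddresses(from_headers) if a]
    if len(addrs) != 1:
        return "from-missing-or-multiple"
    hdr = split_addr(addrs[0])
    if hdr is None:
        return "from-unparseable"
    if hdr[1] != env[1]:
        return "mismatch"
    return "match" if hdr[0] == env[0] else "same-domain"

# Constructed sample messages (all names and domains are made up).
SPOOF = "From: Client User <user@client.example>\nSubject: hi\n\nbody\n"
LIST = "From: poster@other.example\nList-Id: <dev.lists.example>\n\nbody\n"
LOCAL = {"client.example"}
USERS = {"user@client.example"}

if __name__ == "__main__":
    cases = [
        ("bulk@spf-pass.example", SPOOF, False),     # pattern from the post
        ("user@client.example", SPOOF, False),       # forged local sender
        ("user@client.example", SPOOF, True),        # real local user relaying
        ("dev-bounces@lists.example", LIST, False),  # list mail also differs
        ("<>", SPOOF, False),                        # bounce
    ]
    for mail_from, raw, relay in cases:
        print(mail_from, "->", check_sender(mail_from, raw, LOCAL, USERS, relay))
```
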


