[CentOS] dealing with spoofing
Josh Miller
joshua at itsecureadmin.com
Wed Aug 31 20:59:59 UTC 2011
On 08/31/2011 01:57 PM, m.roth at 5-cent.us wrote:
> Josh Miller wrote:
>> On 08/31/2011 01:37 PM, Josh Miller wrote:
>>> On 08/31/2011 01:33 PM, m.roth at 5-cent.us wrote:
>>>> Josh Miller wrote:
>>>>> On 08/31/2011 01:27 PM, m.roth at 5-cent.us wrote:
>>>>>> Stephen Harris wrote:
>>>>>>>> Here's a thought I just thunk, folks: some scum, apparently in
>>>>>>>> eastern Europe, has harvested my email, and is using it in the
>>>>>>>> Reply-To: in its spamming efforts. Now, I realize that some
>>>> <snip>
>>>>>>> Anyway, the SMTP server should send the delivery failure to the
>>>>>>> envelope address, which may be different to both the From and
>>>>>>> Reply-To addresses.
> <snip>
>>
>> Why don't you use your SPF record to prevent spoofing (to most
>> providers...)?
>>
>> > dig -t txt 5-cent.us
>> ...
>> 5-cent.us. 14400 IN TXT "v=spf1 a mx ptr
>> include:hostmonster.com ?all"
>> ...
>>
>> You have one but you're not using it to prevent spoofing.
>
> Um, because I'm not that deep into that? Thank you, I'll look at setting
> that up. One question: is that in my registrar, or my hosting site? Given
> it's an MX record, I'm guessing it's the former.
It's a DNS record. Hostmonster is authoritative for your domain, so
you'll likely use them.
--
Josh Miller
Open Source Solutions Architect
http://itsecureadmin.com/
More information about the CentOS
mailing list