[CentOS] postfix and spam, I am impressed

Stephen Harris lists at spuddy.org
Tue Mar 13 06:38:29 EDT 2012


On Mon, Mar 12, 2012 at 07:48:14PM -0700, Nataraj wrote:
> On 03/12/2012 02:25 PM, m.roth at 5-cent.us wrote:

> > Here's a question: is there any way to inspect an email's headers, and
> > reject it if the alleged FQDN in the "From:" doesn't match the oldest
> > "Received: "?

> That would be a good test.  Postfix does have the ability to match

It would be a _terrible_ test and would fail legitimate mail.
e.g. all those people with their domains delegated to google; the
source address might be their home internet IP and none of the rest
of the machines would contain the FQDN.  Heck, even people who use their
ISP's mail relay could suffer this one!
Some anti-virus software inserts Received headers.
Large corporations with multiple DNS domains.
Or people with home networks and their smart host that then forwards to
an authorised relay.
...

And that's just off the top of my head.

I believe you'd get a fair false-positive with such a test.
-- 

rgds
Stephen
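
The false positives described in the reply above, as an added example that is not part of the original thread: a Python sketch of the proposed From:/oldest-Received comparison run over three constructed legitimate messages. All host names, addresses and function names are assumptions made for illustration.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample messages; every name and address here is made up.
SAMPLES = {
    "hosted_domain": (  # domain delegated to a mail provider, sent from a home IP
        "Received: from out.hosted-mail.example by mx.rcpt.example with ESMTP\n"
        "Received: from [198.51.100.23] (cpe-23.home-isp.example [198.51.100.23]) by smtp.hosted-mail.example with ESMTPSA\n"
        "From: Alice <alice@smallbiz.example>\n\nhello\n"
    ),
    "isp_relay": (  # own domain, relayed through the ISP's mail server
        "Received: from relay.home-isp.example by mx.rcpt.example with ESMTP\n"
        "Received: from laptop.lan (cpe-77.home-isp.example [198.51.100.77]) by relay.home-isp.example with ESMTP\n"
        "From: Bob <bob@bobs-domain.example>\n\nhello\n"
    ),
    "direct_corporate": (  # the one case where the names happen to line up
        "Received: from mail.corp.example by mx.rcpt.example with ESMTP\n"
        "Received: from ws12.corp.example (ws12.corp.example [10.1.2.12]) by mail.corp.example with ESMTP\n"
        "From: Carol <carol@corp.example>\n\nhello\n"
    ),
}

HOST_RE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+")

def from_domain(msg):
    """Domain part of the From: address, lowercased."""
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

def oldest_received_hosts(msg):
    """Dotted names in the 'from' clause of the oldest (last-listed) Received header."""
    received = msg.get_all("Received") or []
    if not received:
        return set()
    unfolded = " ".join(received[-1].split()).lower()
    return set(HOST_RE.findall(unfolded.split(" by ", 1)[0]))

def passes_proposed_test(raw):
    """True if the From: domain matches a host named in the oldest Received header."""
    msg = email.message_from_string(raw)
    dom = from_domain(msg)
    return any(h == dom or h.endswith("." + dom) for h in oldest_received_hosts(msg))

def evaluate():
    return {name: passes_proposed_test(raw) for name, raw in SAMPLES.items()}

if __name__ == "__main__":
    print(evaluate())
```

Two of the three legitimate samples fail the comparison; only the message whose first hop sits inside the sender's own domain passes.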

