[CentOS] dealing with spoofing

Wed Aug 31 20:59:59 UTC 2011
Josh Miller <joshua at itsecureadmin.com>

On 08/31/2011 01:57 PM, m.roth at 5-cent.us wrote:
> Josh Miller wrote:
>> On 08/31/2011 01:37 PM, Josh Miller wrote:
>>> On 08/31/2011 01:33 PM, m.roth at 5-cent.us wrote:
>>>> Josh Miller wrote:
>>>>> On 08/31/2011 01:27 PM, m.roth at 5-cent.us wrote:
>>>>>> Stephen Harris wrote:
>>>>>>>> Here's a thought I just thunk, folks: some scum, apparently in
>>>>>>>> eastern Europe, has harvested my email, and is using it in the
>>>>>>>> Reply-To: in its spamming efforts. Now, I realize that some
>>>> <snip>
>>>>>>> Anyway, the SMTP server should send the delivery failure to the
>>>>>>> envelope address, which may be different to both the From and
>>>>>>> Reply-To addresses.
> <snip>
>>
>> Why don't you use your SPF record to prevent spoofing (to most
>> providers...)?
>>
>>   >  dig -t txt 5-cent.us
>> ...
>> 5-cent.us.              14400   IN      TXT     "v=spf1 a mx ptr
>> include:hostmonster.com ?all"
>> ...
>>
>> You have one but you're not using it to prevent spoofing.
>
> Um, because I'm not that deep into that? Thank you, I'll look at setting
> that up. One question: is that in my registrar, or my hosting site? Given
> it's an MX record, I'm guessing it's the former.

It's a DNS record.  Hostmonster is authoritative for your domain, so 
you'll likely use them.

-- 
Josh Miller
Open Source Solutions Architect
http://itsecureadmin.com/