[CentOS] postfix and spam, I am impressed

Tue Mar 13 10:38:29 UTC 2012
Stephen Harris <lists at spuddy.org>

On Mon, Mar 12, 2012 at 07:48:14PM -0700, Nataraj wrote:
> On 03/12/2012 02:25 PM, m.roth at 5-cent.us wrote:

> > Here's a question: is there any way to inspect an email's headers, and
> > reject it if the alleged FQDN in the "From:" doesn't match the oldest
> > "Received: "?

> That would be a good test.  Postfix does have the ability to match

It would be a _terrible_ test and would fail legitimate mail.
e.g. all those people with their domains delegated to google; the
source address might be their home internet IP and none of the rest
of the machines would contain the FQDN.  Heck, even people who use their
ISP's mail relay could suffer this one!
Some anti-virus software inserts Received headers.
Large corporations with multiple DNS domains.
Or people with home networks and their smart host that then forwards to
an authorised relay.

And that's just off the top of my head.

I believe you'd get a fair false-positive with such a test.
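
The test proposed in this thread, run over the kinds of legitimate mail the reply lists, as an added example that is not part of the original post. All hostnames, addresses and messages are constructed, and reading the host after "from" in the bottom-most Received: header as "the oldest Received" is an assumption about how the check would be implemented.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def from_domain(msg):
    """Domain part of the From: address, lower-cased."""
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

def oldest_received_host(msg):
    """Host named after 'from' in the oldest (bottom-most) Received: header."""
    received = msg.get_all("Received") or []
    if not received:
        return ""
    m = re.match(r"\s*from\s+(\S+)", received[-1], re.I)
    return m.group(1).strip("[]").lower() if m else ""

def would_reject(raw):
    """True if the proposed test rejects: oldest hop is not in the From: domain."""
    msg = message_from_string(raw)
    dom, host = from_domain(msg), oldest_received_host(msg)
    if not dom or not host:
        return True
    return not (host == dom or host.endswith("." + dom))

def sample(from_addr, *hops):
    """Build a constructed message; hops are listed newest first, as in real headers."""
    stamp = "Tue, 13 Mar 2012 10:00:00 +0000"
    lines = [f"Received: from {h} by mx.example.net; {stamp}" for h in hops]
    return "\n".join(lines + [f"From: {from_addr}", "Subject: test", "", "body"])

# Constructed samples: every one of these is legitimate mail.
SAMPLES = {
    "hosted domain, sent from home PC": sample(
        "alice@smallbiz.example", "mail-out.hosting.example", "laptop.home.isp.example"),
    "ISP mail relay": sample(
        "bob@bobsdomain.example", "relay.isp.example", "[192.168.1.20]"),
    "corporation with several domains": sample(
        "dave@brand.example", "gw.holding.example", "pc7.hq.holding.example"),
    "host inside the From: domain": sample(
        "carol@corp.example", "ws12.corp.example"),
}

def results():
    return {name: would_reject(raw) for name, raw in SAMPLES.items()}

if __name__ == "__main__":
    for name, rejected in results().items():
        print(f"{'REJECT' if rejected else 'accept'}  {name}")
```

Only the last sample passes; the other three are legitimate messages the check would turn away.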