Security Basics mailing list archives

RE: FW: (REPOST) Sendmail 8.11 configuration/security issue


From: "Keith T. Morgan" <keith.morgan () terradon com>
Date: Wed, 8 Jan 2003 00:15:50 -0500

<snip>
Sure. You could write a sendmail ruleset to prevent this too (there are
attempts of varying quality findable via groups.google.com). You can
also write sendmail rulesets to bounce all mail with 'DUCK' in the
subject line, but that won't protect you from all offensive content. My
point was that it 'breaks stuff' and it doesn't solve the problem of
forged email except maybe for a single domain, or a list of domains.

Which is exactly what I think the original poster needed.

<snip>
I'm coming from the school that says unsigned (and/or unencrypted) email
should not be used for 'business directives' anyway (for a variety of
reasons) and that's what I tell clients. I don't think it's that hard to
convince people of this. Our users aren't stupid. They just need to have
things explained to them.

I agree 100%.  Unfortunately... while this is correct, it is out of touch with the real world as business directives 
occur daily all over the place with no digital signatures in email.  Additionally, depending on the importance/weight 
of the directive, even after educating users, you can bet they'll continue to use plaintext unsigned email for most 
business communications.  

Yes, awareness is good and will help... but I think we're digressing.  Our original poster wanted to know how to block 
the spoofed emails coming in on his mail servers.  I haven't seen a specific sendmail feature for this.  You make 
reference that it can be done and I agree.  Do you have a URL handy for the benefit of the original poster?  

<snip>

