RE: Protection against fake mails

["Jens C. Laundrup" <laundrup () verizon net>]

If you Google SenderID you can read about it.  It is still in use and
growing.  It is not a foolproof solution but it is another rock we can throw
in the spammers' path.

Cheers, 
 

-----Original Message-----
From: securityfocus2 () googlegroups com
[mailto:securityfocus2 () googlegroups com] On Behalf Of Captain Bock
Sent: Thursday, 10 April, 2008 02:22
To: security-basics () securityfocus com
Subject: Re: Protection against fake mails


A few years ago, I needed to add an SPF record to my domains because some
banking servers required it.
I guess this was also an interesting solution.
Does someone know what's the state of the art of SPF?

On Wed, Apr 9, 2008 at 8:22 PM, Mark Owen <mr.markowen () gmail com> wrote:
>  On Wed, Apr 9, 2008 at 12:37 PM, WALI <hkhasgiwale () gmail com> wrote:
>  >  How do I guard against such emails originating from fake email  > 
> impersonations. Is there something I can do at our email gateway, 
> proxy or  > exchange sever (2003) levels?
>  >
>
>  Basic protection is to only allow e-mail originating from your domain  
> name to be allowed from a specific set of trusted mail servers.  This  
> will protect you internally from fake e-mails spoofing your domain but  
> will not block other spoofed domains.  Spoofed e-mails from other  
> domains may be blocked by relying on reverse DNS lookup and comparing  
> the resultant domain with that of the one specified in the e-mail, but  
> this will also block misconfigured servers and some sites on shared  
> hosting.  Long answer short, if you don't want to miss any e-mails  
> then theres really not much you can do.
>
>  What you can do to prove that your domain is not spoofed is to enable  
> DomainKeys[1] on your server.  If everyone did this then blocking fake  
> e-mails would be possible.
>
>  Hope this helps.
>
>
>
>  [1] http://en.wikipedia.org/wiki/DomainKeys
>
>
>
>
>  --
>  Mark Owen