Educause Security Discussion mailing list archives
Re: authenticated "from" email address
From: "Christopher E. Cramer" <chris.cramer () DUKE EDU>
Date: Mon, 1 Nov 2004 14:51:41 -0500
spf might give you some of what you are looking for - at least in conjunction w/ authenticated smtp. what you can do is to specify the machine(s) or ip ranges which are authorized to send mail as being from your domain. then for any mail that is received by your (and many others') domain, there will be a check to see if the message originated from an authorized ip.

now, spf still has a few issues and it certainly won't prevent spam, but it might be worth checking out if you are trying to prevent forging of your domain name (http://spf.pobox.com/).

-c

On Mon, 1 Nov 2004, Kevin Shalla wrote:
Because most of my legitimate email is from people within my email domain, I would like to be able to trust that email from users in my domain is actually from the account in the "from" field. If this were the case, I would get less spam, viruses, and worms, because now I get many messages with spoofed "from" addresses of internal users. Since both "blacklist" and "whitelist" strategies for dealing with spam require identifying the sender, this spoofing hobbles those strategies.

Recently I heard about the SMTP Service Extension for Authentication <http://www.ietf.org/rfc/rfc2554.txt>, and had high hopes for it, but I've heard that once authenticated, the user is not restricted to sending messages with the "from" address of that authenticated user. Does anyone know if there is any protocol (or anything in the works) for restricting this way?

********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.