Anti-spam SMTP mods
Charles Steinkuehler
charles at steinkuehler.net
Wed Mar 3 19:44:27 CST 2004
Brian Densmore wrote:
>>-----Original Message-----
>>From: Charles Steinkuehler
>>
>>Has anyone on-list implemeted SPF (http://spf.pobox.com/) or one of the
>>other 2 methods currently being proposed to close the loopholes in SMTP
>>that allow forging of the envelop sender/from: header?
>>
>>I'm thinking of setting this up on my personal mail server, but am
>>wondering if it will be worth the hassle.
> I have a simple solution on my mail server. Only local users can create mail
> locally, and I only allow trused users to send mail. Now granted if a
> local user wanted to spoof the headers I don't know that my server is
> smart enough to prevent it. My old rules in postfix would have altered the sender info to state
the email headers as forged. I haven't written any custom rules for exim yet (just downloaded the
documentation this morning).
Different problem than SPF (and the alternative MS and Yahoo! proposals)
are designed to fix.
SPF is intended as a way to allow a third party (the recipient of the
e-mail) to tell if the sender and from: address are valid (ie: came from
your mail server) or are spoofed (ie: came from my rouge spam server).
> Is the SPF implementation hard? I may look into as my new lean mean debian server is using less
than 300 MB total installed software so far (web+mail+webmail).
It doesn't look too hard to implement, depending on what you're running.
The Exim 4 implementation is simply a set of rules you add to the
smpt_rcpt and smtp_data access lists. With qmail, you get to re-compile
from patched source (but then, that should be easy, since if you're
running qmail, you can probably patch and compile the source in your
sleep! :-).
There's also a DNS portion of SPF, which involves adding TXT records to
your domain indicating which machine(s) in your domain are allowed to
send mail.
--
Charles Steinkuehler
charles at steinkuehler.net
More information about the Kclug
mailing list