Anti-spam SMTP mods

[Charles Steinkuehler]

Brian Densmore wrote:
>>-----Original Message-----
>>From:	Charles Steinkuehler
>>
>>Has anyone on-list implemeted SPF (http://spf.pobox.com/) or one of the 
>>other 2 methods currently being proposed to close the loopholes in SMTP 
>>that allow forging of the envelop sender/from: header?
>>
>>I'm thinking of setting this up on my personal mail server, but am 
>>wondering if it will be worth the hassle.

> I have a simple solution on my mail server. Only local users can create mail
> locally, and I only allow trused users to send mail. Now granted if a 
> local user wanted to spoof the headers I don't know that my server is
> smart enough to prevent it. My old rules in postfix would have altered the sender info to state 
the email headers as forged. I haven't written any custom rules for exim yet (just downloaded the 
documentation this morning).

Different problem than SPF (and the alternative MS and Yahoo! proposals) 
are designed to fix.

SPF is intended as a way to allow a third party (the recipient of the 
e-mail) to tell if the sender and from: address are valid (ie: came from 
your mail server) or are spoofed (ie: came from my rouge spam server).

> Is the SPF implementation hard? I may look into as my new lean mean debian server is using less 
than 300 MB total installed software so far (web+mail+webmail).

It doesn't look too hard to implement, depending on what you're running. 
The Exim 4 implementation is simply a set of rules you add to the 
smpt_rcpt and smtp_data access lists.  With qmail, you get to re-compile 
from patched source (but then, that should be easy, since if you're 
running qmail, you can probably patch and compile the source in your 
sleep! :-).

There's also a DNS portion of SPF, which involves adding TXT records to 
your domain indicating which machine(s) in your domain are allowed to 
send mail.

-- 
Charles Steinkuehler
charles at steinkuehler.net