[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Spoofed email
- To: "Administrative (website/upkeep) Discussions" <admin at arabeyes dot org>
- Subject: Re: Spoofed email
- From: Youcef Rabah Rahal <rahal at arabeyes dot org>
- Date: Sat, 8 May 2004 04:02:22 +0200
- Organization: Arabeyes
- User-agent: KMail/1.5.3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Salam,
On Thursday 06 May 2004 23:19, Nadim Shaikli wrote:
[...]
> but this "could" harm legit users and I'm not 100% certain it'll capture
> all future spoofs (not sure there is a method to do that - but I'm a
> newbie to all of this).
Is there a way to check that the SMTP server used to sent the email belongs to
the domain name that the 'Sender' field claims to belong to ?
Such a check should have blocked both the 'cvs' and the 'yahoo' spoofs. You
shouldn't be able for example to use your ISP's SMTP server to send emails
with @yahoo.com or @arabeyes.org identities.
I know many users use that (I don't know if Mohammed Sammeer's email on
reverse DNS was referring to that method ?), but many spam filters detect
that. I remember (when I was first setting my Kmail mailer) that I was trying
to email to my @hotmail.com account using my ISP's SMTP server as
rahal at arabeyes dot org and it was detected as spam.
Sorry, but I have no other ideas :)
Salam,
- --
Youcef R. Rahal
Arabeyes.org
http://www.arabeyes.org/~rahal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAnD+vHDRR6Cd0eSYRAnk3AKCebBjkfvHud8XUr5ZGfiRk3hQdHwCeNMFv
IrsFAh6IKimgBccxKd5JGHI=
=xDee
-----END PGP SIGNATURE-----