[Mimedefang] MessageID anti-impersonation function for sub fi lter()

Cormack, Ken kcormack at acs.roadway.com
Wed May 26 11:06:16 EDT 2004


To test your concern, I sent myself test emails to my yahoo account.  Then,
using yahoo's "Display Full Headers" option, I confirmed that my Exchange
server's IMS had placed a valid MessageID into the outbound message.

That MessageID incorporated the hostname - dot - domainname, to the right of
the "@" symbol.

Similar messages sent from a couple internal production UNIX boxes as well,
ALL included the hostname of the originating MTA.  In NO cases, did any
outbound test messages go out as simply "@roadway.com" in the MessageID.
They ALL went out as "@hostname.roadway.com".  Therefore, I feel at ease
blocking anything that comes in, that lacks the hostname to the right of the
"@" symbol, in the MessageID.

KEN CORMACK, RHCE
Sr. UNIX Systems Analyst,
    Open Systems Group
Sr. Software Analyst,
    TSG Midrange Systems Group
AFFILIATED COMPUTER SERVICES, INC.

-----Original Message-----
From: mimedefang-bounces at lists.roaringpenguin.com
[mailto:mimedefang-bounces at lists.roaringpenguin.com]On Behalf Of Frank
Doepper
Sent: Wednesday, May 26, 2004 10:34 AM
To: mimedefang at lists.roaringpenguin.com
Subject: Re: [Mimedefang] MessageID anti-impersonation function for sub
filter()


Am 26.05.04 um 08:49 schrieb Cormack, Ken:

>Yesterday, I had a spam come in, in which I noticed the MessageID
>contained my own domain.  Since the originating MTA is responsible for
>generating the MessageID, and since the message came from the outside

What about forwarded mail? If someone from outside resends mail
originating from your domain to someone else within your domain?

FD
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang



More information about the MIMEDefang mailing list