Paul M Foster said:
> I'm getting a lot of bounce messages from destinations on big networks.
> Someone is spamming random names on large networks like hawaii.rr.net
> and cox.net using my email address as the "From". I can route the bounce
> messages to /dev/null, but that's not really the point. Anyone know how
> to stop the masquerading in the first place (other than not having your
> email address visible anywhere)? I know, probably a dumb question, but I
> had to ask.
>
> Paul
Check out Sender Policy Frmaework at http://spf.pobox.com/
It's been a while since I've done anything with SPF, but here is how I remember it.
This may not be accurate, see the above website for more details.
It's not something that you can install on your mail system and be done with it. In
a nutshell, you add an SPF DNS record that states which servers can send email from
your domains. Then, SMTP servers that have been configured to use SPF check for
these records before accepting mail. If there is no SPF record, I believe they
generally accept the mail. If the sending server has an SPF record, the mail is also
accepted. If the sending server is not listed as an authorized sender for your
domain, they reject the mail. Since they know that the server is not one of yours,
they don't bother to send you a bounce message.
Of course, this solution depends on the receiving mail systems to check for SPF
records. It is fairly simple to add an SPF record to your DNS zone. The SPF website
above has a wizard to help you get the syntax right.
Doug
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:09:26 EDT