Matthew D. Fuller a écrit :
> On Wed, Jul 29, 2009 at 03:03:43PM +0100 I heard the voice of
> Clunk Werclick, and lo! it spake thus:
>> My apologies for the terse caveat. As I understand it, there are
>> some external mail services that roaming users may use that forward
>> mail into your Postfix claiming to be from your domain. Myself I do
>> not use this.
> The problem doesn't come from what you use, but from what any of your
> users may somewhere use.
> Imagine you are example.com, and have two users, a@..., and
> b@.... a@... sends mail to b@... (which
> you don't control, and know nothing about, short of looking up its MX
> record and sending the mail on its way). But b@... is
> just a forwarder and forwards the mail on to b@.... That
> forwarder won't (and quite probably _shouldn't_) change the envelope
> sender. Suddenly, you have mail from "outside", with an envelope
> sender that's you, but is perfectly legitimate. And pretty common.
> If you know all your users and know none of them do any such thing,
> filtering it works great. But if you're not absolutely sure, you
> could be setting out landmines.
Most sites should no more care about this "issue", in these days of SASL