Loading ...
Sorry, an error occurred while loading the content.

Re: envelope From and header From

Expand Messages
  • Noel Jones
    ... A policy server wouldn t help much because the envelope sender is either gmail or a (probably legit, hijacked) gmail-hosted domain. Blocking these requires
    Message 1 of 4 , Oct 29, 2009
    • 0 Attachment
      On 10/29/2009 11:40 AM, Brian Evans - Postfix List wrote:
      > Darek M wrote:
      >> I'm unsure of what the typical procedure is on this, and didn't find
      >> anything useful in a web search, but wouldn't it make sense to run SPF
      >> on the header From as well? Is that something Postfix could be set to
      >> do? What about triggering some action if the header and envelope From
      >> are different?
      >>
      >
      > If you did this, you could not read this message either. The message
      > header is From you, but the envelope sender is not.
      >
      > A more sensible way is to use a policy server, such as policyd-weight or
      > policyd, to write/use rules to check client vs envelope sender.
      >

      A policy server wouldn't help much because the envelope sender
      is either gmail or a (probably legit, hijacked) gmail-hosted
      domain.

      Blocking these requires content inspection. Clamav with the
      Sanesecurity add-on signatures will catch most of these,
      SpamAssassin usually catches the rest.

      -- Noel Jones
    Your message has been successfully submitted and would be delivered to recipients shortly.