spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mauricio Tavares <raubvo...@gmail.com>
Subject Re: Understanding TrustPath
Date Tue, 11 Jan 2011 20:48:07 GMT
On 01/11/2011 03:33 PM, Adam Moffett wrote:
> On 01/11/2011 03:24 PM, Jari Fredriksson wrote:
>> On 11.1.2011 21:24, Mauricio Tavares wrote:
>>> Am I correct? What would stop someone from trying to fake the
>>> originating IP to fit the ones in the above list?
>> If I am not mistaken, the IP protocol and SMTP. Someone might fake the
>> address when sending to you MTA, but your MTA's response would go to
>> wrong address, the fake one. There would be no session and talk between
>> the hosts to create a SPAM
>
> Right, it's kind of difficult to fake your source IP in a TCP session.
> But if I read the manual correctly the whitelist_from_rcvd that he's
> asking about does lookups on hosts in the "Received-from: " headers in
> the message.....which would be trivial to fake.
>
	Sounds like whitelist_from_rcvd is not particularly useful then.

Mime
View raw message