Postfix anti spoofing filters [closed]
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
开发者_开发知识库 Improve this questionI have applied the following filters (milters) in my Postfix incoming mail server:
- DKIM milter
- SenderID milter
- SPF policy.
All three append headers in the received e-mail regarding their checks.
I want to know how much protection do these provide me against spoofing and do i need something more?
Thanks in advance.
Ashish
Answer to my post is as follows:
DKIM is not effective against spoofing as it's a means to check for non-repudiation of the email message and to verify the integrity and origin of data.
SenderID and SPF are 100% effective against spoofing only when the mail server whose mail account being spoofed has implemented SenderID or SPF.
i.e if a mail server is receiving mail on behalf of such mail server that has SPF or SenderID implemented then the receiving mail server can assure itself against spoofing by checking for later mail server's SPF or SenderID record.
Now since SPF and SenderID are not in e-mail must haves
and SMTP also doesn't care for sender authentication in the protocol itself ,
so a lot of mail server don't implement any of these
and with these three filters alone one can't be 100% sure that a particular mail being received on behalf of a given e-mail domain actually belongs to that e-mail domain or not, for all of the available mail servers on the internet.
精彩评论