开发者

Postfix anti spoofing filters [closed]

开发者 https://www.devze.com 2022-12-09 16:16 出处:网络
Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed. This question is off-topic. It is not currently accepting answers.

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 9 years ago.

开发者_开发知识库 Improve this question

I have applied the following filters (milters) in my Postfix incoming mail server:

  1. DKIM milter
  2. SenderID milter
  3. SPF policy.

All three append headers in the received e-mail regarding their checks.

I want to know how much protection do these provide me against spoofing and do i need something more?

Thanks in advance.

Ashish


Answer to my post is as follows:

  1. DKIM is not effective against spoofing as it's a means to check for non-repudiation of the email message and to verify the integrity and origin of data.

  2. SenderID and SPF are 100% effective against spoofing only when the mail server whose mail account being spoofed has implemented SenderID or SPF.

    i.e if a mail server is receiving mail on behalf of such mail server that has SPF or SenderID implemented then the receiving mail server can assure itself against spoofing by checking for later mail server's SPF or SenderID record.

Now since SPF and SenderID are not in e-mail must haves

and SMTP also doesn't care for sender authentication in the protocol itself ,

so a lot of mail server don't implement any of these

and with these three filters alone one can't be 100% sure that a particular mail being received on behalf of a given e-mail domain actually belongs to that e-mail domain or not, for all of the available mail servers on the internet.

0

精彩评论

暂无评论...
验证码 换一张
取 消