Re: [FW-1] Filtering incoming SMTP "from" your domain via SS

[Russell Washington <russ.washington@FW1-NOSPAMVAULTSENTRY.COM>]

Title: Message

I'm a little confused.  If someone is sending legitimate email to someone@foxboro.com, you're accepting it.  If the 'from' email address is forged to be someoneelse@foxboro.com, but the to address is still someone@foxboro.com, there is a legitimate recipient for the message on your network.

 

I'm trying to determine the benefit to putting in the no-forge restriction.  Is the idea to prevent spammers from dumping things into your net?  If so, it's an interesting idea, but the spam I get rarely forges the from address as being specifically from *my* domain.

 

On its face it sounds like added complexity with minimal benefit.  Could you perhaps clarify the intended goal?

-----Original Message-----
From: Coleman, Clayton [mailto:lcoleman@FOXBORO.COM]
Sent: Tuesday, June 04, 2002 8:20 AM
To: FW-1-MAILINGLIST@beethoven.us.checkpoint.com
Subject: [FW-1] Filtering incoming SMTP "from" your domain via SS

Here's the scenario:  We block all incoming mail not destined for our mail domains (to block relay) but we are also considering not allowing people to deliver mail to us that appear to come from our domain.  Confusing?

Simply put, should we allow someone from the Internet to deliver to our SMTP server "From: lcoleman@foxboro.com" "To: lcoleman@foxboro.com" since all mail from foxboro.com should come from internal?   What would be the downsides of blocking someone from the Internet who tries to do that? 

And, can we do that in a resource...?  I only think it works for the destination domain, not the source domain of the email.

Thanks much.

Clayton