I'm surprised that no one has mentioned the SMTP AUTH and STARTTLS verbs. It is completely possible to authenticate people trying to send mail, and to refuse to accept mail appearing to come from an internal e-mail address if the sender hasn't authenticated. This can all be done without sending cleartext(-equivalent) passwords over the network. Consult Your MTA's documentation.
-&
> -----Urspr�ngliche Nachricht-----
> Von: David Gillett [mailto:[email protected]]
> Gesendet am: Dienstag, 25. Juni 2002 17:18
> An: [email protected]
> Betreff: Re: [FW-1] How to stop email Spammers from spoofing email
> address and domain name.
>
> The "From:" header is just a text string, and it can say anything
> the sender wants it to, including that the message came from YOU.
> Some spammers set it to match the address they're sending to, hoping
> that some naive anti-spam filters will let it through.
>
> You need to decide whether your users can live with having email
> blocked if it arrives from an external IP while claiming an internal
> origin domain. Travelling/remote users will have to use a
> VPN connection
> to send email if they want it to originate from their internal email
> address and traverse your server.
>
> Dave Gillett
>
>
> > -----Original Message-----
> > From: Mailing list for discussion of Firewall-1
> > [mailto:[email protected]]On
> > Behalf Of Keith
> > Skinner
> > Sent: Monday, June 24, 2002 8:19 PM
> > To: [email protected]
> > Subject: [FW-1] How to stop email Spammers from spoofing
> email address
> > and domain name.
> >
> >
> > I have a client that has been experiencing a lot of inbound
> > email that come
> > from an outside IP address, but has a source email address of
> > one of the
> > internal email accounts with their own domain name. For
> > example, an email
> > address of [email protected] to others within our
> > domain but the
> > source IP address is from outside of our network. How are
> > they doing this
> > and what can we as administrators do to stop or filter this
> > kind of identity
> > spoofing?
> >
> > ================To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > ================To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > ================If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > ================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>