[Debian-uk] email sender authentication on Debian
Martin A. Brooks
martin at hinterlands.org
Mon, 14 Apr 2008 23:19:39 +0100
Daniel Pocock wrote:
> Is there a recommended way of setting up SMTP sender authentication on
> Debian, particularly with the Postfix package?
Do you mean authenticating users who wish to use your SMTP server? Or
authenticating _messages_ sent from your SMTP server? For the purposes
of the rest of this email, I'm assuming the latter.
> I've noticed that the number of spam messages sent using forged email
> addresses from my own domain has been increasing, and Im keen to stamp
> it out.
There's essentially nothing you can do about this. Open relays and
hordes of worm infected Windows machines means your domain can be used
by anyone who wishes to do so to send email.
The only nearly-a-fix would be SPF, except SPF requires the co-operation
of everyone you send email to. i.e. they'll need to configure their SMTP
server(s) to check SPF records. Given many mail administrators, myself
included, consider SPF to be flawed, you'll find the takeup rate
comparatively low.
--
Martin A. Brooks | http://www.antibodymx.net/ | Anti-spam & anti-virus
Consultant | martin@antibodymx.net | filtering. Inoculate
antibodymx.net | m: +447896578023 | your mail system.