How to verify mail origin?

Posted by MrZombie on Stack Overflow See other posts from Stack Overflow or by MrZombie
Published on 2010-04-08T19:33:45Z Indexed on 2010/04/08 19:53 UTC
Read the original article Hit count: 374

Filed under:
|
|

I wish to code a little service where I will be able to send an e-mail to a specific address used by my server to send specific commands to my server.

I'll check against a list of permitted e-mail addresses to make sure no one unauthorized will send a command to the server, but how do I make sure that, say, an e-mail sent by "[email protected]" really comes from "thezombie.net"?

I thought about checking the header for the original e-mail server's IP and pinging the domain to make sure it is the same, but would that be reliable?

Example:

Server receives a command from [email protected] [email protected] is authorized, proceed with checks Server checks "thezombie.net"'s IP from the header: W.X.Y.Z Server pings "thezombie.net" for it's IP: A.B.C.D The IPs do not correspond, do not process command

Is there any better way to do that?

© Stack Overflow or respective owner

Related posts about smtp

Related posts about pop3