How to whitelist a domain while blocking forgeries using that domain?

Posted by QuantumMechanic on Server Fault See other posts from Server Fault or by QuantumMechanic
Published on 2012-08-30T18:09:27Z Indexed on 2012/08/30 21:40 UTC
Read the original article Hit count: 214

Filed under:
|
|
|

How do you deal with the case of:

  • wanting to whitelist a domain so that emails from it won't get eaten, but
  • not having emails forged to appear to be from that domain get bogusly whitelisted

whitelist_from_recvd looks promising, but then you have to know at least the TLD of every host that could send you mail from that domain. Often RandomBigCompany.com will outsource email to one or more sending companies (like Constant Contact and the like) in addition to using servers that reverse-resolve to something in its own domain. But it looks like whitelist_from_recvd can only map to one sending server pattern so that would be problematic.

Is there a way to say something like "if email is from domain X, subtract N points from the spam score"?

The idea would be that if the mail is legit, that -N will all but guarantee it isn't considered spam. But if it is spam, hopefully all the other failed tests will render it spam even with the -N being included.

© Server Fault or respective owner

Related posts about email

Related posts about emailserver